Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cannot connect to VPN (" not a valid Win32 application" error)


  • Please log in to reply

#1
treestump

treestump

    New Member

  • Member
  • Pip
  • 2 posts
I rebooted my computer this morning, due to poor performance. When it came back, I could no longer connect to my work's VPN.
For years, I've used ShrewSoft VPN dialer and it's worked like a charm. (My backup would be the Cisco dialer).
Today, in the dialer it puts out a message "failed to attach to key daemon". This program uses services ("ShrewSoft IKE Daemon" and "ShrewSoft IPSEC Daemon"). Neither of these services were started, and when I try to start them I get the following error:
---------------------------
Services
---------------------------
Windows could not start the ShrewSoft IKE Daemon service on Local Computer.



Error 193: 0xc1
---------------------------
OK
---------------------------
I tried my Cisco dialer and it wouldn't even start, throwing the following error:
---------------------------
Error
---------------------------
Unable to launch the VPN GUI. Error Code: -1
---------------------------
OK
---------------------------

I have uninstalled and re-installed (with reboots in the middle) the dialers multiple times today with no luck. I have tried the system restore to a day ago and a week ago, with no luck.

When browsing through the event logs, I found this entry, which ultimately lead me to you guys:
The ShrewSoft IKE Daemon service failed to start due to the following error:
ShrewSoft IKE Daemon is not a valid Win32 application.

I still have full access to my task manager, etc. But so far, the only issues I've really noticed is my inability to connect to the VPN.


Any help would be greatly appreciated. The following is the OTL quickscan output.

OTL logfile created on: 12/20/2012 4:44:51 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\brent.warner\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 44.19% Memory free
7.83 Gb Paging File | 5.01 Gb Available in Paging File | 64.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441.57 Gb Total Space | 334.59 Gb Free Space | 75.77% Space Free | Partition Type: NTFS
Drive F: | 4.20 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: HALLIGAN | User Name: brent.warner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/20 16:44:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\brent.warner\Downloads\OTL.exe
PRC - [2012/12/20 14:35:52 | 001,020,512 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe
PRC - [2012/12/20 14:35:52 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/12/20 14:35:52 | 000,970,696 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\13.2.0\ScriptHelper.exe
PRC - [2012/11/06 16:53:02 | 000,040,960 | ---- | M] () -- B:\dev\code\AtcoGas\Giv\Trunk\AtcoGas.Giv.ApplicationService\bin\x86\Debug\AtcoGas.Giv.ApplicationService.exe
PRC - [2012/10/26 14:24:12 | 001,017,184 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012/10/15 10:16:14 | 000,423,576 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
PRC - [2012/10/15 10:13:26 | 000,423,576 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
PRC - [2012/09/04 23:00:00 | 003,284,992 | ---- | M] () -- c:\Program Files (x86)\Trillian\plugins\skypekit.exe
PRC - [2012/09/04 23:00:00 | 002,429,904 | ---- | M] (Cerulean Studios) -- C:\Program Files (x86)\Trillian\trillian.exe
PRC - [2012/08/15 14:18:40 | 000,357,016 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2012/08/15 14:17:26 | 000,435,864 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/07/25 14:06:06 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mstart.exe
PRC - [2012/07/25 14:06:06 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mlauncher.exe
PRC - [2012/07/25 14:06:06 | 000,039,816 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mcomm.exe
PRC - [2012/07/02 20:21:38 | 026,868,192 | ---- | M] (Dropbox, Inc.) -- C:\Users\brent.warner\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/04/03 21:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/10/05 17:35:44 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Talkswitch\UDPLogger\UDPLogger.exe
PRC - [2011/04/08 07:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2011/03/04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/02/23 18:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/20 14:35:52 | 001,020,512 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe
MOD - [2012/12/20 14:35:52 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/12/20 14:35:52 | 000,970,696 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\13.2.0\ScriptHelper.exe
MOD - [2012/12/20 14:35:52 | 000,566,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll
MOD - [2012/12/20 14:35:52 | 000,134,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll
MOD - [2012/11/27 22:43:17 | 000,460,904 | ---- | M] () -- C:\Users\brent.warner\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll
MOD - [2012/11/27 22:43:16 | 012,456,040 | ---- | M] () -- C:\Users\brent.warner\AppData\Local\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
MOD - [2012/11/27 22:43:15 | 004,008,040 | ---- | M] () -- C:\Users\brent.warner\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
MOD - [2012/11/27 22:42:30 | 000,587,880 | ---- | M] () -- C:\Users\brent.warner\AppData\Local\Google\Chrome\Application\23.0.1271.95\libglesv2.dll
MOD - [2012/11/27 22:42:29 | 000,124,520 | ---- | M] () -- C:\Users\brent.warner\AppData\Local\Google\Chrome\Application\23.0.1271.95\libegl.dll
MOD - [2012/11/27 22:42:22 | 000,157,304 | ---- | M] () -- C:\Users\brent.warner\AppData\Local\Google\Chrome\Application\23.0.1271.95\avutil-51.dll
MOD - [2012/11/27 22:42:21 | 002,168,952 | ---- | M] () -- C:\Users\brent.warner\AppData\Local\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll
MOD - [2012/11/27 22:42:21 | 000,275,576 | ---- | M] () -- C:\Users\brent.warner\AppData\Local\Google\Chrome\Application\23.0.1271.95\avformat-54.dll
MOD - [2012/09/08 12:16:30 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012/09/08 12:16:20 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012/09/04 23:00:00 | 003,284,992 | ---- | M] () -- c:\Program Files (x86)\Trillian\plugins\skypekit.exe
MOD - [2012/09/04 23:00:00 | 000,187,392 | ---- | M] () -- C:\Program Files (x86)\Trillian\libpng15.dll
MOD - [2012/09/04 23:00:00 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Trillian\libungif.dll
MOD - [2012/09/04 23:00:00 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Trillian\zlib1.dll
MOD - [2012/09/04 23:00:00 | 000,011,264 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\buddy.dll
MOD - [2012/09/04 23:00:00 | 000,007,168 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\talk.dll
MOD - [2012/09/04 23:00:00 | 000,006,656 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\trillian.dll
MOD - [2012/09/04 23:00:00 | 000,006,656 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\events.dll
MOD - [2012/09/04 23:00:00 | 000,003,584 | ---- | M] () -- c:\Program Files (x86)\Trillian\languages\en\toolkit.dll
MOD - [2012/05/15 11:54:16 | 000,070,536 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2012/01/08 08:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/10/05 02:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2011/06/22 10:46:12 | 000,434,016 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2010/11/24 22:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/11/17 10:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/02/26 12:46:56 | 000,064,344 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV:64bit: - [2012/07/30 12:00:04 | 000,422,472 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Synergy\synergyd.exe -- (Synergy)
SRV:64bit: - [2010/11/20 22:24:38 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 20:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009/07/13 20:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2008/07/29 12:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2012/12/20 14:35:52 | 000,711,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012/11/06 16:53:02 | 000,040,960 | ---- | M] () [Auto | Running] -- B:\dev\code\AtcoGas\Giv\Trunk\AtcoGas.Giv.ApplicationService\bin\x86\Debug\AtcoGas.Giv.ApplicationService.exe -- (ATCO Gas DRiV)
SRV - [2012/10/15 10:16:14 | 000,423,576 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe -- (vmware-converter-worker)
SRV - [2012/10/15 10:16:14 | 000,423,576 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe -- (vmware-converter-server)
SRV - [2012/10/15 10:13:26 | 000,423,576 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe -- (vmware-converter-agent)
SRV - [2012/08/15 14:18:40 | 000,357,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2012/08/15 14:17:26 | 000,435,864 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2012/08/15 12:19:58 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/08/01 16:10:32 | 000,917,656 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2012/04/03 21:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/19 22:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/10/26 08:58:10 | 000,162,816 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2011/10/05 17:35:44 | 000,188,416 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Talkswitch\UDPLogger\UDPLogger.exe -- (TSUDPLogger)
SRV - [2011/03/04 12:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/11/20 22:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 22:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 22:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/08/25 20:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/20 14:35:52 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/08/24 15:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/08/15 14:18:16 | 000,067,224 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2012/08/15 14:18:08 | 000,030,360 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2012/08/15 14:16:52 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2012/08/15 14:16:50 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2012/08/15 14:16:16 | 000,032,920 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2012/08/01 16:10:36 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2012/07/26 03:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/07/06 11:29:52 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2012/07/06 11:29:52 | 000,070,256 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2012/06/26 20:38:30 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012/06/24 21:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/05/23 03:49:22 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2012/05/23 03:49:19 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2012/05/23 03:49:15 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2012/05/23 03:49:15 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2012/05/23 03:49:02 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/05/23 03:49:02 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/19 22:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/06/10 17:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/10 18:27:32 | 001,576,576 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/03/04 12:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc60.sys -- (netvsc)
DRV:64bit: - [2010/11/20 22:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 22:23:48 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusVideoM.sys -- (SynthVid)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 03:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/02 02:18:46 | 000,021,504 | ---- | M] (Shrew Soft Inc) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt)
DRV:64bit: - [2010/09/02 02:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/08 07:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009/10/05 09:08:44 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 19:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008/11/16 17:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2006/11/01 04:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D38423B2-6824-4041-B7E0-39A96993CCC0}
IE:64bit: - HKLM\..\SearchScopes\{D38423B2-6824-4041-B7E0-39A96993CCC0}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {D38423B2-6824-4041-B7E0-39A96993CCC0}
IE - HKLM\..\SearchScopes\{D38423B2-6824-4041-B7E0-39A96993CCC0}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USSMB/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USSMB/1
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...pr&d=2012-12-20 14:36:00&v=13.2.0.4&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@vmware.com/vmrc,version=2.5.0.00000: C:\Program Files (x86)\Common Files\VMware\VMware VMRC Plug-in\Firefox\np-vmware-vmrc.dll (VMware, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\brent.warner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\brent.warner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\firefoxextension\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.4 [2012/12/20 14:36:04 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\brent.warner\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\brent.warner\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\brent.warner\AppData\Local\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\brent.warner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\brent.warner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\brent.warner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: AVG Secure Search = C:\Users\brent.warner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.4_0\
CHR - Extension: AVG Secure Search = C:\Users\brent.warner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.4_0\.bak
CHR - Extension: ChromeIPass = C:\Users\brent.warner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae\1.0.7_0\
CHR - Extension: Gmail = C:\Users\brent.warner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/09/12 08:21:16 | 000,000,886 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 192.168.123.32 www.wayto.com #temporary wayto.com rollover
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\TmIEPlg.dll File not found
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll File not found
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\TmIEPlg32.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll ()
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [GoToMeeting] C:\Program Files (x86)\Citrix\GoToMeeting\880\g2mstart.exe (Citrix Online, a division of Citrix Systems, Inc.)
O4 - HKCU..\Run: [HP Deskjet 3050A J611 series (NET)] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [KeePass Password Safe 2] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - Startup: C:\Users\brent.warner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox - WayTo.lnk = C:\Windows\SysWOW64\runas.exe (Microsoft Corporation)
O4 - Startup: C:\Users\brent.warner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\brent.warner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\brent.warner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Users\brent.warner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\brent.warner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9:64bit: - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.2.cab (DLM Control)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds...ransferCtrl.cab (DLC Class)
O16 - DPF: {9AD9B5EB-F9E0-47D4-B20F-C29D58C6F5E1} http://srv3.wayto.co.../WayToIndex.CAB (IndeXMap Class)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53BDCF10-D2A0-4CAE-83D8-E983DEFF0E21}: Domain = wayto.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53BDCF10-D2A0-4CAE-83D8-E983DEFF0E21}: NameServer = 192.168.123.10,4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9000755C-3AEC-4BEE-9726-528878D087F9}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll File not found
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\TmIEPlg.dll File not found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll File not found
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\TmIEPlg32.dll File not found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/10 20:29:03 | 000,000,045 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{d80cf839-d75d-11e1-9fc9-7845c40604d6}\Shell - "" = AutoRun
O33 - MountPoints2\{d80cf839-d75d-11e1-9fc9-7845c40604d6}\Shell\AutoRun\command - "" = F:\setup.exe -- [2012/02/11 13:13:59 | 000,200,792 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/20 16:22:16 | 000,000,000 | ---D | C] -- C:\Users\brent.warner\AppData\Local\AVG Secure Search
[2012/12/20 16:17:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
[2012/12/20 16:17:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Deterministic Networks
[2012/12/20 14:36:53 | 000,000,000 | ---D | C] -- C:\Users\brent.warner\AppData\Roaming\AVG2012
[2012/12/20 14:36:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/12/20 14:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/12/20 14:35:59 | 000,030,568 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/12/20 14:35:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/12/20 14:35:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/12/20 14:35:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/12/20 14:35:11 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/12/20 14:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/12/20 14:35:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012/12/20 14:34:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/12/20 14:29:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/12/20 14:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/12/20 14:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\ShrewSoft
[2012/12/20 14:08:10 | 000,000,000 | ---D | C] -- C:\Users\brent.warner\AppData\Local\Shrew Soft VPN
[2012/12/20 14:08:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Shrew Soft VPN
[2012/12/20 14:00:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/12/20 12:55:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/12/11 14:43:47 | 000,000,000 | ---D | C] -- C:\Users\brent.warner\AppData\Roaming\DiagViewer
[2012/12/10 22:11:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intergraph
[2012/12/10 21:57:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intergraph
[2012/11/29 09:31:42 | 000,000,000 | ---D | C] -- C:\Users\brent.warner\Documents\MDLProjects V8i (SELECTseries)
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/20 16:30:38 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/20 16:30:38 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/20 16:20:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/20 16:20:53 | 3152,510,976 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/20 16:18:23 | 000,001,594 | ---- | M] () -- C:\Windows\VPNInstall.MIF
[2012/12/20 16:17:25 | 000,002,653 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
[2012/12/20 16:01:20 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2922705048-2099060489-549988293-1000UA.job
[2012/12/20 15:23:23 | 000,001,594 | ---- | M] () -- C:\Windows\VPNUnInstall.MIF
[2012/12/20 14:38:12 | 103,902,607 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/12/20 14:36:06 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/12/20 14:35:52 | 000,030,568 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/12/20 14:35:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/12/20 14:35:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/12/20 14:01:31 | 000,054,234 | ---- | M] () -- C:\Users\brent.warner\Documents\cc_20121220_140125.reg
[2012/12/20 12:40:58 | 000,002,058 | -H-- | M] () -- C:\Users\brent.warner\Documents\Default.rdp
[2012/12/17 23:47:57 | 000,000,759 | ---- | M] () -- C:\Program
[2012/12/10 19:01:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2922705048-2099060489-549988293-1000Core.job
[2012/12/02 09:03:43 | 000,000,216 | ---- | M] () -- C:\Users\brent.warner\copytog.bat
[2012/11/30 12:00:33 | 000,000,411 | ---- | M] () -- C:\Users\brent.warner\Documents\ChatLog Daily Scrum _WayTo Internal_ 2012_11_30 12_00.rtf
[2012/11/30 10:41:44 | 000,001,302 | ---- | M] () -- C:\Users\Public\Desktop\VMware vCenter Converter Standalone Client.lnk
[2012/11/30 10:41:44 | 000,001,024 | ---- | M] () -- C:\.rnd
[2012/11/30 09:28:28 | 000,966,896 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/30 09:28:28 | 000,795,374 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/30 09:28:28 | 000,170,286 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/28 10:08:59 | 000,001,141 | ---- | M] () -- C:\Users\brent.warner\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2012/11/28 09:50:02 | 000,467,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/20 16:17:25 | 000,002,653 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
[2012/12/20 15:21:51 | 000,001,594 | ---- | C] () -- C:\Windows\VPNUnInstall.MIF
[2012/12/20 14:38:12 | 103,902,607 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/12/20 14:36:06 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/12/20 14:35:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/12/20 14:35:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/12/20 14:01:28 | 000,054,234 | ---- | C] () -- C:\Users\brent.warner\Documents\cc_20121220_140125.reg
[2012/12/17 09:39:45 | 000,000,759 | ---- | C] () -- C:\Program
[2012/12/02 09:03:43 | 000,000,216 | ---- | C] () -- C:\Users\brent.warner\copytog.bat
[2012/11/30 12:00:33 | 000,000,411 | ---- | C] () -- C:\Users\brent.warner\Documents\ChatLog Daily Scrum _WayTo Internal_ 2012_11_30 12_00.rtf
[2012/11/30 10:41:44 | 000,001,302 | ---- | C] () -- C:\Users\Public\Desktop\VMware vCenter Converter Standalone Client.lnk
[2012/11/30 10:41:34 | 000,001,024 | ---- | C] () -- C:\.rnd
[2012/11/28 09:31:56 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/28 09:18:03 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/10/31 00:32:09 | 000,001,658 | ---- | C] () -- C:\Users\brent.warner\AppData\Roaming\SvcTraceViewer.exe.settings
[2012/10/04 16:00:36 | 000,005,806 | ---- | C] () -- C:\Users\brent.warner\advanced_ip_scanner_MAC.bin
[2012/08/22 14:34:10 | 000,198,211 | ---- | C] () -- C:\Users\brent.warner\AppData\Local\debuggee.mdmp
[2012/08/09 09:15:47 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/07/24 07:54:41 | 000,000,286 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/07/24 07:20:15 | 000,180,000 | ---- | C] () -- C:\Windows\aaRemove.exe
[2012/05/23 03:37:25 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/03/19 22:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/19 22:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 22:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/19 21:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/02/10 09:33:46 | 000,982,012 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/20 14:36:53 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\AVG2012
[2012/10/18 08:46:05 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\Bentley
[2012/12/11 15:51:08 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\DiagViewer
[2012/12/20 16:50:24 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\Dropbox
[2012/10/30 14:29:39 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\FileZilla
[2012/11/02 09:47:10 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\Garmin
[2012/09/24 14:26:19 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\ICAClient
[2012/12/20 16:22:19 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\KeePass
[2012/07/25 10:39:23 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\KeePassX
[2012/07/23 15:56:37 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\Notepad++
[2012/07/23 14:03:33 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\PCDr
[2012/08/22 11:17:30 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\PLSQL Developer
[2012/07/23 01:53:42 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\Subversion
[2012/07/24 10:25:51 | 000,000,000 | ---D | M] -- C:\Users\brent.warner\AppData\Roaming\Trillian

========== Purity Check ==========



< End of report >

Edited by treestump, 20 December 2012 - 08:38 PM.

  • 0

Advertisements


#2
treestump

treestump

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
I just noticed an extras.txt. Is that part of this run?
OTL Extras logfile created on: 12/20/2012 4:44:51 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\brent.warner\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 44.19% Memory free
7.83 Gb Paging File | 5.01 Gb Available in Paging File | 64.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441.57 Gb Total Space | 334.59 Gb Free Space | 75.77% Space Free | Partition Type: NTFS
Drive F: | 4.20 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: HALLIGAN | User Name: brent.warner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07597941-AA8D-440F-A7A5-24AF57EB6DA3}" = lport=445 | protocol=6 | dir=in | app=system |
"{0A72F6EC-CE6D-4290-856F-0C0C95DCA0AE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1E5FEB63-C04F-4591-98DF-E10D5B7F8264}" = rport=137 | protocol=17 | dir=out | app=system |
"{221798EA-C46E-45F3-89D2-9613207C39FA}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{30F1F749-A4E0-4097-8E1C-29116A3B0E93}" = lport=2869 | protocol=6 | dir=in | app=system |
"{384F4535-13C3-4CDD-91C9-465D38CAD668}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{390E763D-78CF-4825-984C-55340CDDFEF3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{433E8179-2F2C-464A-8D99-F463AE9E6EB2}" = lport=138 | protocol=17 | dir=in | app=system |
"{628F1774-76BE-4CD7-B6BA-6627CFC73481}" = lport=9089 | protocol=6 | dir=in | name=vmware vcenter converter standalone - agent |
"{6CFAF066-4411-4644-A826-7FAF699DF960}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6EAEB911-39AD-4A20-85C2-8385A9BBDC90}" = rport=139 | protocol=6 | dir=out | app=system |
"{899E3797-9DF0-4DDE-8355-6456E695DB4A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8FB1209C-7ECA-4147-8205-777CB5B966FD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{9A94B245-291B-47A5-BA13-0C4A35816143}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{9F8A10BD-E336-4757-B721-9B7789EEE66F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A106660F-CE01-4093-A685-70F180449E6B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BFEAA212-8868-4614-A23B-482E0F49BD39}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CEB186E6-D80D-4BA4-AEC9-38ED80B76B91}" = rport=445 | protocol=6 | dir=out | app=system |
"{D9FF443A-2316-401F-A002-1829F5C8367A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DD7AFB6D-5E93-4BBA-956A-81E13058CD1F}" = lport=3389 | protocol=6 | dir=in | app=system |
"{E3B3D2F7-FC21-41CE-B811-B78E09E980F8}" = lport=137 | protocol=17 | dir=in | app=system |
"{EB8ACA12-85FE-4551-BEAA-74092E3D172B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EBE52AF6-10B1-46D8-9100-66271221267A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EE5D277C-5BFF-41BF-982E-B12B217FA724}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F9E10095-B8F8-4C21-A088-40D27AECC3B9}" = lport=139 | protocol=6 | dir=in | app=system |
"{FC473EBB-C428-42F5-849B-1B2D57424D1C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC7D091A-9631-4E3B-92CC-3DA5A756604F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FF98DF5D-345B-41DF-A513-22B3F359A30C}" = rport=138 | protocol=17 | dir=out | app=system |
"{FFED2747-3CA2-400C-BE6D-4FA77217D6CA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02134594-3398-4785-8751-58145BB3A366}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{098015BF-4564-417E-BF50-846FC5A33857}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0AB08162-8820-4380-8805-2B496585472A}" = protocol=58 | dir=in | [email protected],-28545 |
"{0BD80C3D-ABF2-4503-910A-455C5E623B8B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{11A88567-1A54-40C2-BA8D-948110871A90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{11CF8490-7C76-4166-9BF8-E10CC6F614CE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{132047F8-5F72-4563-9584-08C49E8FC81B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1998FC9C-FA51-4DFF-A261-CC833322E0BD}" = protocol=17 | dir=in | app=c:\users\wayto\appdata\roaming\dropbox\bin\dropbox.exe |
"{1E20865A-3763-4D93-9C0E-FD9F157DCD7B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2063953E-F535-4CE4-8055-DF23F62351E1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{288607EA-A277-4839-90C7-BEE8223A01F2}" = protocol=58 | dir=out | [email protected],-28546 |
"{28ED1BAC-ABF2-4EBE-A8F5-AEF965C1A27D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2F56BCD9-6BE5-4C99-B7FD-43658927EED8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{31E85A64-8475-4A99-91F3-AFAB1F728160}" = protocol=6 | dir=out | app=system |
"{3314B445-40F7-4B43-AA56-789B2EB335ED}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{373B9B6E-5F69-4057-9E72-64297EC42BEF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3ECA4E68-E297-4F30-85DB-999604E22A60}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{40EBAECD-56AE-4ADE-BBDF-7B317BCFAEC1}" = protocol=17 | dir=in | app=c:\program files\synergy\synergys.exe |
"{4629D2BC-6441-4546-B423-F021307FA050}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4B0F31B6-7626-45CC-96D3-75CA36E2F8B2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{540D78EA-CB2D-4020-9BCC-9602432AD428}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5AD52227-7253-436A-922B-CB73A174D2CF}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"{5DE697D3-55AF-49B8-84C5-3184321740CB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{5FB19AA6-F6F0-49A9-BABA-DE91E70FEC26}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgwdsvc.exe |
"{62BEC422-A4D7-4518-8395-41EF86C7D158}" = protocol=1 | dir=out | [email protected],-28544 |
"{65130C67-25FF-4CF5-8538-153AE3E98533}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgwdsvc.exe |
"{6637E7FB-C66A-40B4-8CE7-5E6DB6DE3097}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{6D5F1EB1-33A1-496D-A52B-2413464EF921}" = protocol=6 | dir=in | app=c:\users\wayto\appdata\roaming\dropbox\bin\dropbox.exe |
"{751CDC19-F8A6-411D-A7C2-E9BF6402340A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8950CDF3-6670-4400-BE50-F0F5B4036A53}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8D2B2100-65C1-4959-9518-9913FDDE14CC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{994B3C2B-1C1B-48B7-8CA0-1BB9D2271819}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{9C296954-3FCE-4F81-A595-077201476858}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{9E0B4F0B-6AAF-4399-8C70-0BED020F02F3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A2273DFA-0DBD-4B3B-BFF9-0D6E9A37C507}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{A241072C-DC16-45DA-B97D-115942E1C442}" = protocol=1 | dir=in | [email protected],-28543 |
"{B4B7464E-CEE0-49A5-B748-C781309D85E5}" = protocol=6 | dir=in | app=c:\users\brent.warner\appdata\roaming\dropbox\bin\dropbox.exe |
"{B88D9509-E3AE-43ED-9ABC-771B19583BB8}" = protocol=6 | dir=in | app=c:\program files\synergy\synergys.exe |
"{D148D506-CCEE-4F29-B5F7-5F6EFBED5DCF}" = protocol=17 | dir=in | app=c:\users\wayto\appdata\roaming\dropbox\bin\dropbox.exe |
"{D17E250D-A84D-4318-A913-990ABF92BE6E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{DB3D81CB-A747-4DCA-811B-26BE5B444D7F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E02BC5C9-65E9-45E2-AEE1-B67F31EA43EF}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\devicesetup.exe |
"{E120D480-262E-4B0B-A603-BA8467131CF0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EAA4FC95-AD29-4A03-9162-76B2C0B2FCDF}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{F93F5467-75F6-45B2-969C-888ECA5F1D37}" = protocol=17 | dir=in | app=c:\users\brent.warner\appdata\roaming\dropbox\bin\dropbox.exe |
"{FA49A0BB-5D6C-4ABE-B8FD-64B22B20F44A}" = protocol=6 | dir=in | app=c:\users\wayto\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{0EB229A8-9475-4DA0-8F94-4FB95EEC442E}C:\program files\synergy\synergys.exe" = protocol=6 | dir=in | app=c:\program files\synergy\synergys.exe |
"TCP Query User{13C45A3F-A24F-4DD0-9A0C-31895B7CB2A6}C:\program files (x86)\trillian\plugins\skypekit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\plugins\skypekit.exe |
"TCP Query User{15E00867-68A8-4C0D-8F52-279F71675755}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{21DE2935-1986-4906-8608-9486C8847A91}C:\program files (x86)\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"UDP Query User{8EE99DED-CF71-4034-B5F1-0B562C96C1FC}C:\program files\synergy\synergys.exe" = protocol=17 | dir=in | app=c:\program files\synergy\synergys.exe |
"UDP Query User{994907BC-A6E5-4C01-AE18-1E46D657F408}C:\program files (x86)\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"UDP Query User{A41EE6D3-F8D7-4547-8FB3-9C211FB988AF}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
"UDP Query User{F839B0A5-7276-4510-9C29-8A2EA77D6B9D}C:\program files (x86)\trillian\plugins\skypekit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\plugins\skypekit.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D411379-9CE0-4B13-A19B-72D3222DD620}" = SQL Server 2012 Common Files
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}" = SQL Server 2012 Common Files
"{22BCA430-2A68-4678-9824-184F3839948F}" = SQL Server 2012 Integration Services
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26BFF1F1-5C03-4C55-9C7C-FD65889AFA70}" = SQL Server 2012 Management Studio
"{29C93182-34F6-3275-A18D-59326851CD57}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu
"{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
"{2E873893-A883-4C06-8308-7B491D58F3D6}" = Bentley DGN IFilter
"{36BF5D42-BF68-4E0C-A165-A4C6E9841F4A}" = SQL Server 2012 Integration Services
"{4371D69B-FB6A-4A61-8477-C1B919FB2311}" = TortoiseSVN 1.7.7.22907 (64 bit)
"{49D665A2-4C2A-476E-9AB8-FCC425F526FC}" = Microsoft SQL Server 2012 Native Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5DDC2234-4B37-45BC-AD33-41F1469B4D83}" = Microsoft SQL Server 2012 Setup (English)
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}" = Cisco Systems VPN Client 5.0.07.0440
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{62EED300-E841-4083-A1D6-60B906271804}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Tools
"{64D5BBC6-5270-3711-AA39-31C1087AF4E6}" = Microsoft Visual Studio 2008 Remote Debugger - ENU
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{656E214E-B73F-458C-AD64-ED316F008207}" = SQL Server 2012 BI Development Studio
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{6B3840D6-4B8F-4E74-9202-9CE36DA94E99}" = SQL Server 2012 Client Tools
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{710D4D91-1924-4A6B-8659-9CDE02DC7207}" = HP Deskjet 3050A J611 series Product Improvement Study
"{7272DF1C-2F88-43AC-A481-84DD67DF9746}" = SQL Server 2012 Documentation Components
"{74A8C1AF-75E5-4653-95AF-222725B7D877}" = Bentley DGN Thumbnail Provider
"{7842C220-6E9A-4D5A-AE70-0E138271F883}" = SQL Server 2012 Client Tools
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9aa5f39c-a8de-46b0-919a-0248f8bc8490}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A007BD05-ECFD-4F64-89F6-7E95F91F0DFB}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{A7037EB2-F953-4B12-B843-195F4D988DA1}" = SQL Server 2012 Management Studio
"{A992BBAA-723D-4574-A07F-983BF8FAA3E1}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AEF6C676-D7A2-4487-BD4B-1BED17B229B5}" = Microsoft Mouse and Keyboard Center
"{B0A5A6EE-F8BA-48B1-BB32-BAC17E96C2B4}" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"{B3192F55-2CE8-4C8E-9E40-D3B4998276B2}" = SQL Server 2012 Documentation Components
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{BF46C84D-1AC3-4CC3-A45C-EF6257B80984}" = AVG 2012
"{CC8B009A-98C9-497F-99AF-CEBE35D8C0CF}" = Microsoft SQL Server 2012 T-SQL Language Service
"{CECA0188-BD7A-43EF-B1F7-DDF719099C46}" = SQL Server 2012 Documentation Components
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D307B5CF-D1F0-48A4-8DA3-54765F535208}" = SQL Server 2012 SQL Data Quality Common
"{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}" = Visual Studio .NET Prerequisites - English
"{D9D2CAB2-C726-4372-9F05-51B906C802B5}" = AVG 2012
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMwarePlayer_x64
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{EE1B54D1-BFBC-4C19-8D66-E0AF3E967896}" = SQL Server 2012 BI Development Studio
"{EF8B1A2E-9CCB-3AB2-91E3-4EEDAB1294E1}" = Microsoft Device Emulator (64 bit) version 3.0 - ENU
"{F14401A9-F0A0-33CC-8444-F60823A60DEB}" = Microsoft Visual Studio Tools for Applications x64 Runtime 3.0
"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA0A244E-F3C2-4589-B42A-3D522DE79A42}" = Microsoft SQL Server 2012 Management Objects (x64)
"{FB555BCF-9202-4886-9203-88C9A210D727}" = HP Deskjet 3050A J611 series Basic Device Software
"AVG" = AVG 2012
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Microsoft SQL Server 11" = Microsoft SQL Server 2012 (64-bit)
"Microsoft SQL Server SQLServer2012" = Microsoft SQL Server 2012 (64-bit)
"Microsoft Visual J# 2.0 Redistributable Package - SE (x64)" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"Microsoft Visual Studio 2008 Remote Debugger - ENU" = Microsoft Visual Studio 2008 Remote Debugger - ENU
"PC-Doctor for Windows" = Dell Support Center
"Shrew Soft VPN Client" = Shrew Soft VPN Client

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{012D26C3-E12A-3BDA-8ECE-DF14E721A507}" = Microsoft Visual Studio 2010 Shell (Integrated) - ENU
"{023D64D7-E7B4-47C7-BE6E-B7C2E8960D08}" = Citrix online plug-in (Web)
"{04805AB6-F757-496A-8D56-37A0FC5FF6F3}" = VMware vSphere Client 5.0
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0DF3AE91-E533-3960-8516-B23737F8B7A2}" = Visual C++ 2008 x64 Runtime - (v9.0.30729)
"{0DF3AE91-E533-3960-8516-B23737F8B7A2}.vc_x64runtime_30729_01" = Visual C++ 2008 x64 Runtime - v9.0.30729.01
"{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{107C666F-63C5-4263-8D40-8B9CFB5FED08}" = Microsoft Robocopy GUI
"{191A6F65-6878-398D-A272-EF011B80F371}" = Microsoft Visual Studio Tools for Applications x86 Runtime 3.0
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B6B2817-89AF-4947-A768-0766D7906BCB}" = AnkhSVN 2.4.11610.27
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22E23C71-C27A-3F30-8849-BB6129E50679}" = Visual C++ 2008 IA64 Runtime - (v9.0.30729)
"{22E23C71-C27A-3F30-8849-BB6129E50679}.vc_i64runtime_30729_01" = Visual C++ 2008 IA64 Runtime - v9.0.30729.01
"{22FF90AE-764C-3490-8912-246A60F7FF57}" = MSDN Library for Visual Studio 2008 SP1 - ENU
"{241F2BF7-69EB-42A4-9156-96B2426C7504}" = Microsoft SQL Server Compact 3.5 for Devices ENU
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{2A5395D2-F7A7-4606-8A7C-4F56183D21F6}" = MicroStation V8i (SELECTseries 3) SDK
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3C11D2DA-6802-3F66-BE6B-B2C046AFE866}" = Visual C++ 2008 x64 Runtime - (v9.0.30729.4148)
"{3C11D2DA-6802-3F66-BE6B-B2C046AFE866}.vc_x64runtime_30729_4148" = Visual C++ 2008 x64 Runtime - v9.0.30729.4148
"{3F8D9A47-9C50-3F46-8F12-B92DD5CA0A2E}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.6161)
"{3F8D9A47-9C50-3F46-8F12-B92DD5CA0A2E}.vc_x86runtime_30729_6161" = Visual C++ 2008 x86 Runtime - v9.0.30729.6161
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{477F115E-D48E-4D9D-B839-2AF37CA2987B}" = Bentley V8i (SELECTseries 2) - Autodesk® RealDWG™ 2010
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}" = Microsoft Visual Studio Tools for Applications Design-Time 3.0
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM Beta2
"{66332652-9C28-58B1-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL.Policy (x86) WinSXS MSM Beta2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68B7C6D9-1DF2-54C1-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM Beta2
"{6C9F6D23-E9AD-43C9-B43A-011562AAF876}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{6F8EAC65-314D-4D86-9557-BC9312AACCB0}" = Citrix online plug-in (USB)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{774D4A29-321A-4F75-ABE3-1425516A663A}" = ATCO Gas DRiV
"{7774E6AB-D658-40A2-B9FA-7136FA917BAE}" = Advanced IP Scanner
"{7B33F480-496D-334A-BAC2-205DEC0CBC2D}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.4148)
"{7B33F480-496D-334A-BAC2-205DEC0CBC2D}.vc_x86runtime_30729_4148" = Visual C++ 2008 x86 Runtime - v9.0.30729.4148
"{7E9B0F70-EEF6-41E1-BF89-FDC4B9EDBD9C}" = MicroStation V8i (SELECTseries 2) 08.11.07.443
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{80938DE2-0954-11E0-A370-45DBDFD72085}" = TalkSwitch 6.50
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8144262B-25B4-44F6-8204-FCC8EF50179F}" = Citrix online plug-in (DV)
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}" = Microsoft SQL Server 2008 R2 Management Objects
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{C00A9857-850C-4C68-A583-2EF4F24706F5}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9169C939-ED01-446A-BD0C-29873BAF4E48}" = Prerequisites for SSDT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Help
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM Beta2
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM Beta2
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.3
"{9BAE13A2-E7AF-D6C3-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 MFC (x86) WinSXS MSM Beta2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCE40CE-A9E6-4916-8729-B008558EEF3F}" = Microsoft Report Viewer 2012 Runtime
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A13D16C5-38A9-4D96-9647-59FCCAB12A85}" = Visual Basic for Applications ® Core - English
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA467959-A1D6-4F45-90CD-11DC57733F32}" = Crystal Reports Basic for Visual Studio 2008
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}" = Dell Digital Delivery
"{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}" = Microsoft SQL Server System CLR Types
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D64B6984-242F-32BC-B008-752806E5FC44}" = Microsoft Visual Studio 2010 Shell (Isolated) - ENU
"{D7DAD1E4-45F4-3B2B-899A-EA728167EC4F}" = Microsoft Visual Studio 2008 Professional Edition - ENU
"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects
"{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}" = Microsoft SQL Server 2012 Policies
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECA1342-0C9A-4AB1-B796-B1478A3A93D7}" = MicroStation V8i (SELECTseries 2) SDK
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E7E58A3A-D9BD-3D4B-9475-AE757454AD82}" = Visual C++ 2008 x64 Runtime - (v9.0.30729.6161)
"{E7E58A3A-D9BD-3D4B-9475-AE757454AD82}.vc_x64runtime_30729_6161" = Visual C++ 2008 x64 Runtime - v9.0.30729.6161
"{E95D9D0D-7C7F-48DC-B8FD-A52B862FAFA8}" = ODAC Documentation for Visual Studio 2010
"{EA74A293-3FAC-4D1B-AE3A-3BD47FADDC20}" = Citrix online plug-in (HDX)
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{EDE9119C-9D98-4866-9227-F00A2F441BD2}" = ODAC Documentation for Visual Studio 2008
"{EDF0C1D5-D980-48F9-BA19-0ECEDEF8C5D4}" = VMware vCenter Converter Standalone
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{EF7E46B8-1FB7-11E2-B6B3-984BE15F174E}" = Evernote v. 4.5.10
"{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3BBC56F-2282-4464-952F-A89772181F30}" = Microsoft SQL Server Data Tools – Database Projects – Web installer entry point
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{FB97C283-1F3C-42D4-AE01-ADC1DC12F774}" = Visual Basic for Applications ® Core
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"FastStone Image Viewer" = FastStone Image Viewer 4.6
"FileZilla Client" = FileZilla Client 3.5.3
"Google Calendar Sync" = Google Calendar Sync
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.20.1
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Microsoft Visual Studio 2008 Professional Edition - ENU" = Microsoft Visual Studio 2008 Professional Edition - ENU
"MSDN Library for Visual Studio 2008 SP1" = MSDN Library for Visual Studio 2008 SP1
"Notepad++" = Notepad++
"PL/SQL Developer [C4587181]" = PL/SQL Developer 9.0.6.1665
"PROHYBRIDR" = 2007 Microsoft Office system
"Synergy" = Synergy
"Trillian" = Trillian
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"VMware_Player" = VMware Player
"WinLiveSuite" = Windows Live Essentials
"WinMerge_is1" = WinMerge 2.12.4

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 5.1.0.880

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/12/2012 9:26:26 AM | Computer Name = HALLIGAN | Source = WinMgmt | ID = 10
Description =

Error - 11/17/2012 9:41:23 PM | Computer Name = HALLIGAN | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: WayToIndex.dll_unloaded, version: 0.0.0.0,
time stamp: 0x506f16d0 Exception code: 0xc0000005 Fault offset: 0x0ae81757 Faulting
process id: 0x1948 Faulting application start time: 0x01cdc34b99ce2281 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
WayToIndex.dll Report Id: 0ea82858-3121-11e2-8c8a-005056c00008

Error - 11/18/2012 11:43:47 PM | Computer Name = HALLIGAN | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: WayToIndex.dll_unloaded, version: 0.0.0.0,
time stamp: 0x506f16d0 Exception code: 0xc0000005 Fault offset: 0x0ae51757 Faulting
process id: 0x1314 Faulting application start time: 0x01cdc52dd8c00a5c Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
WayToIndex.dll Report Id: 52930fa3-31fb-11e2-8c8a-005056c00008

Error - 11/21/2012 12:40:06 AM | Computer Name = HALLIGAN | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: WayToIndex.dll_unloaded, version: 0.0.0.0,
time stamp: 0x506f16d0 Exception code: 0xc0000005 Fault offset: 0x0a121757 Faulting
process id: 0x247c Faulting application start time: 0x01cdc78c183da9c3 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
WayToIndex.dll Report Id: 85826782-3395-11e2-8c8a-005056c00008

Error - 11/21/2012 12:42:38 AM | Computer Name = HALLIGAN | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: WayToIndex.dll, version: 3.2.0.5, time
stamp: 0x506f16d0 Exception code: 0xc0000005 Fault offset: 0x00001fd9 Faulting process
id: 0x18c4 Faulting application start time: 0x01cdc7a262b43ef0 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\Downloaded Program Files\WayToIndex.dll Report Id: dfea6da4-3395-11e2-8c8a-005056c00008

Error - 11/21/2012 12:49:02 AM | Computer Name = HALLIGAN | Source = Application Error | ID = 1000
Description = Faulting application name: AtcoGas.RuralAttributes.Queue.exe, version:
1.0.0.0, time stamp: 0x50abdcd7 Faulting module name: wtbSpinii.dll, version: 1.0.6.175,
time stamp: 0x4fdf61d1 Exception code: 0xc0000005 Fault offset: 0x0004b802 Faulting
process id: 0x22d0 Faulting application start time: 0x01cdc756fe867198 Faulting application
path: B:\dev\code\AtcoGas\AtcoGas.RuralAttributes.Queue\AtcoGas.RuralAttributes.Queue\bin\Debug\AtcoGas.RuralAttributes.Queue.exe
Faulting
module path: C:\Program Files (x86)\WayTo Integration\ATCO Gas DRiV\wtbSpinii.dll
Report
Id: c4e273ab-3396-11e2-8c8a-005056c00008

Error - 11/21/2012 10:17:44 AM | Computer Name = HALLIGAN | Source = Application Error | ID = 1000
Description = Faulting application name: AtcoGas.RuralAttributes.Queue.exe, version:
1.0.0.0, time stamp: 0x50acdfe6 Faulting module name: wtbSpinii.dll, version: 1.0.6.175,
time stamp: 0x4fdf61d1 Exception code: 0xc0000005 Fault offset: 0x0004b802 Faulting
process id: 0x460 Faulting application start time: 0x01cdc7f168760880 Faulting application
path: B:\dev\code\AtcoGas\AtcoGas.RuralAttributes.Queue\AtcoGas.RuralAttributes.Queue\bin\Debug\AtcoGas.RuralAttributes.Queue.exe
Faulting
module path: C:\Program Files (x86)\WayTo Integration\ATCO Gas DRiV\wtbSpinii.dll
Report
Id: 372bcf8c-33e6-11e2-8c8a-005056c00008

Error - 11/21/2012 1:51:12 PM | Computer Name = HALLIGAN | Source = Application Error | ID = 1000
Description = Faulting application name: AtcoGas.RuralAttributes.Queue.exe, version:
1.0.0.0, time stamp: 0x50ad121f Faulting module name: wtbspinii.dll, version: 1.0.6.187,
time stamp: 0x50acf920 Exception code: 0xc0000005 Fault offset: 0x00089433 Faulting
process id: 0x13e0 Faulting application start time: 0x01cdc80f574bb8b7 Faulting application
path: B:\dev\code\AtcoGas\AtcoGas.RuralAttributes.Queue\AtcoGas.RuralAttributes.Queue\bin\Debug\AtcoGas.RuralAttributes.Queue.exe
Faulting
module path: C:\Program Files (x86)\WayTo Integration\ATCO Gas DRiV\wtbspinii.dll
Report
Id: 095cc614-3404-11e2-8c8a-005056c00008

Error - 11/27/2012 10:19:47 AM | Computer Name = HALLIGAN | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16450,
time stamp: 0x503723f6 Faulting module name: WayToIndex.dll_unloaded, version: 0.0.0.0,
time stamp: 0x506f16d0 Exception code: 0xc0000005 Fault offset: 0x0d5b1757 Faulting
process id: 0xa5cc Faulting application start time: 0x01cdc9f518b8a59a Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
WayToIndex.dll Report Id: 7f062896-389d-11e2-8c8a-005056c00008

Error - 11/28/2012 10:51:23 AM | Computer Name = HALLIGAN | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 9/4/2012 10:15:53 AM | Computer Name = HALLIGAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 309667
seconds with 1080 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 12/20/2012 1:00:41 PM | Computer Name = HALLIGAN | Source = Service Control Manager | ID = 7000
Description = The OracleMTSRecoveryService service failed to start due to the following
error: %%2

Error - 12/20/2012 1:00:43 PM | Computer Name = HALLIGAN | Source = Service Control Manager | ID = 7000
Description = The Synergy service failed to start due to the following error: %%193

Error - 12/20/2012 1:00:43 PM | Computer Name = HALLIGAN | Source = Service Control Manager | ID = 7000
Description = The TiMiniService service failed to start due to the following error:
%%193

Error - 12/20/2012 1:01:15 PM | Computer Name = HALLIGAN | Source = DCOM | ID = 10000
Description =

Error - 12/20/2012 1:02:52 PM | Computer Name = HALLIGAN | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Hard Drive Watcher 12 service to connect.

Error - 12/20/2012 1:02:57 PM | Computer Name = HALLIGAN | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 12/20/2012 1:05:37 PM | Computer Name = HALLIGAN | Source = Service Control Manager | ID = 7000
Description = The ShrewSoft DNS Proxy Daemon service failed to start due to the
following error: %%193

Error - 12/20/2012 1:07:54 PM | Computer Name = HALLIGAN | Source = Service Control Manager | ID = 7000
Description = The ShrewSoft IPSEC Daemon service failed to start due to the following
error: %%193

Error - 12/20/2012 1:07:58 PM | Computer Name = HALLIGAN | Source = Service Control Manager | ID = 7000
Description = The ShrewSoft IKE Daemon service failed to start due to the following
error: %%193

Error - 12/20/2012 1:08:02 PM | Computer Name = HALLIGAN | Source = Service Control Manager | ID = 7000
Description = The ShrewSoft DNS Proxy Daemon service failed to start due to the
following error: %%193


< End of report >
  • 1






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP