Hi again. OK here are the logs ... and i also posted a copy of my usage showing that things seem to be back to normal
OTL logfile created on: 15/03/2014 1:58:52 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\George\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.87 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 55.08% Memory free
5.95 Gb Paging File | 3.90 Gb Available in Paging File | 65.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 214.29 Gb Total Space | 126.51 Gb Free Space | 59.04% Space Free | Partition Type: NTFS
Drive D: | 8.65 Gb Total Space | 8.55 Gb Free Space | 98.80% Space Free | Partition Type: NTFS
Computer Name: GEORGE-PC | User Name: George | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2014/03/15 13:54:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\George\Desktop\OTL.exe
PRC - [2013/12/12 18:36:27 | 000,707,472 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2013/12/12 18:36:11 | 000,560,528 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2013/10/15 12:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/09/20 10:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/09/13 10:38:30 | 000,171,416 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/07/25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2011/01/06 15:56:50 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Bell\Internet Service Advisor\ServicepointService.exe
PRC - [2011/01/06 15:56:46 | 004,318,520 | ---- | M] (Bell) -- C:\Program Files (x86)\Bell\Internet Service Advisor\BISA.exe
PRC - [2010/02/01 22:55:06 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/02/01 22:55:04 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/04/17 03:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2008/04/04 00:01:28 | 000,036,864 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2007/01/09 02:23:04 | 000,191,552 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ========== MOD - [2013/12/12 18:36:58 | 000,063,376 | ---- | M] () -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/06 15:47:38 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\Bell\Internet Service Advisor\Windows7Features.dll
MOD - [2010/04/30 10:08:42 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/04/30 10:08:42 | 000,166,400 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
========== Services (SafeList) ========== SRV:
64bit: - [2013/10/23 18:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:
64bit: - [2013/10/23 18:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:
64bit: - [2008/08/25 09:58:12 | 000,089,600 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV:
64bit: - [2008/02/06 13:50:18 | 000,434,016 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:
64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2007/12/10 23:11:30 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV:
64bit: - [2007/12/03 17:04:48 | 000,175,104 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV:
64bit: - [2007/11/21 19:53:16 | 000,135,168 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2014/03/12 08:48:06 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/14 21:13:24 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/12 18:36:11 | 000,560,528 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/15 19:08:43 | 000,000,000 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\TODDSrv.exe -- (TODDSrv)
SRV - [2013/10/15 19:08:43 | 000,000,000 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\agr64svc.exe -- (AgereModemAudio)
SRV - [2013/10/15 19:08:41 | 000,000,000 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\spoolsv.exe -- (Spooler)
SRV - [2013/10/15 19:08:41 | 000,000,000 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\SLsvc.exe -- (slsvc)
SRV - [2013/10/15 19:08:24 | 000,000,000 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\lsass.exe -- (SamSs)
SRV - [2013/10/15 19:08:24 | 000,000,000 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\lsass.exe -- (ProtectedStorage)
SRV - [2013/10/15 19:08:24 | 000,000,000 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\lsass.exe -- (Netlogon)
SRV - [2013/10/15 19:08:24 | 000,000,000 | ---- | M] () [On_Demand | Running] -- C:\Windows\SysWOW64\lsass.exe -- (KeyIso)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/04/06 17:53:36 | 001,117,144 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2011/02/18 12:14:04 | 000,371,472 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2011/01/06 15:56:50 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files (x86)\Bell\Internet Service Advisor\ServicepointService.exe -- (ServicepointService)
SRV - [2009/10/20 14:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/18 20:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/05/28 19:20:16 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/04/17 03:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/04 00:01:28 | 000,036,864 | ---- | M] (TOSHIBA Corporation.) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2006/08/23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2013/12/12 18:18:30 | 000,027,048 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vpnva64.sys -- (vpnva)
DRV:
64bit: - [2013/12/12 18:14:30 | 000,073,584 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\acsmux64.sys -- (acsmux)
DRV:
64bit: - [2013/12/12 18:14:30 | 000,049,520 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\acsint64.sys -- (acsint)
DRV:
64bit: - [2013/09/27 10:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:
64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011/05/11 10:55:10 | 000,282,440 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:
64bit: - [2011/03/10 10:08:22 | 000,279,344 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\PCTSD64.sys -- (PCTSD)
DRV:
64bit: - [2010/07/16 15:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:
64bit: - [2010/06/29 11:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:
64bit: - [2009/10/20 14:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:
64bit: - [2008/07/18 18:52:16 | 000,504,912 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys -- (tos_sps64)
DRV:
64bit: - [2008/06/26 16:24:18 | 000,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:
64bit: - [2008/06/12 06:51:36 | 007,911,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2008/04/27 18:38:12 | 004,730,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64)
DRV:
64bit: - [2008/04/15 20:54:16 | 000,388,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:
64bit: - [2008/04/14 22:05:42 | 000,161,792 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:
64bit: - [2008/04/02 20:27:18 | 000,065,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:
64bit: - [2008/02/29 02:59:32 | 001,252,352 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:
64bit: - [2007/12/11 17:03:36 | 000,027,272 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys -- (tdcmdpst)
DRV:
64bit: - [2007/12/06 06:12:56 | 000,320,048 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:
64bit: - [2007/11/09 14:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV:
64bit: - [2006/11/20 01:11:06 | 000,008,704 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\FwLnk.sys -- (FwLnk)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.shoptoshiba.ca/welcomeIE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.shoptoshiba.ca/welcomeIE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {87394793-8317-426A-A380-443282519A7D}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE:
64bit: - HKLM\..\SearchScopes\{87394793-8317-426A-A380-443282519A7D}: "URL" =
http://www.google.ca...ie7&rlz=1I7TSHCIE - HKLM\..\SearchScopes,DefaultScope = {5E472926-EBA1-4FB7-B5C5-78AFE818BB8D}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{87394793-8317-426A-A380-443282519A7D}: "URL" =
http://www.google.ca...ie7&rlz=1I7TSHC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-981261398-3402016905-1835471290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-981261398-3402016905-1835471290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-21-981261398-3402016905-1835471290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comIE - HKU\S-1-5-21-981261398-3402016905-1835471290-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-981261398-3402016905-1835471290-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-981261398-3402016905-1835471290-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.lo
========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Bell\Internet Service Advisor\nprpspa.dll (Bell)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Bell\Internet Service Advisor\nprpspa.dll (Bell)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/02/14 21:12:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/02/14 21:12:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/02/14 21:12:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/02/14 21:12:41 | 000,000,000 | ---D | M]
[2009/08/21 21:00:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\George\AppData\Roaming\Mozilla\Extensions
[2013/10/15 20:29:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\rtqjzf96.default-1381882977084\extensions
[2014/03/14 18:35:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/02/14 21:12:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014/02/14 21:12:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/02/14 21:12:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2014/03/14 18:35:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/14 21:13:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
O1 HOSTS File: ([2011/10/24 19:05:51 | 000,000,036 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:
64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:
64bit: - HKU\S-1-5-21-981261398-3402016905-1835471290-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:
64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4:
64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:
64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BISA.exe] C:\Program Files (x86)\Bell\Internet Service Advisor\BISA.exe (Bell)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-981261398-3402016905-1835471290-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-981261398-3402016905-1835471290-1000..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Greenshot.lnk = C:\Program Files (x86)\Greenshot\Greenshot.exe ()
O4 - Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-981261398-3402016905-1835471290-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-981261398-3402016905-1835471290-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-981261398-3402016905-1835471290-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll ()
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13
64bit: - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79D9CC79-0B7C-4AFE-88E9-154ADA208EDB}: DhcpNameServer = 192.168.2.1
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\syswow64\userinit.exe) - c:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\TOSHIBA\wallpapers\wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\TOSHIBA\wallpapers\wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ========== [2014/03/15 13:55:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\George\Desktop\OTL.exe
[2014/03/14 19:14:47 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\George\Desktop\aswmbr.exe
[2014/03/14 18:50:17 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/03/14 18:45:46 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\George\Desktop\JRT.exe
[2014/03/13 21:26:36 | 002,157,056 | ---- | C] (Farbar) -- C:\Users\George\Desktop\FRST64.exe
[2014/03/13 21:23:59 | 000,000,000 | ---D | C] -- C:\FRST
[2014/03/13 19:29:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/03/13 19:28:50 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/03/13 19:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/03/13 19:28:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/03/13 07:13:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/03/13 07:13:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/03/13 07:13:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/03/13 07:13:32 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/03/13 07:13:32 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/03/13 07:13:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/03/13 07:13:31 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/03/13 07:13:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/03/13 07:13:26 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/03/13 07:13:25 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/03/13 07:13:25 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/03/13 07:13:22 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/03/13 07:13:21 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/03/13 07:13:20 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/03/13 07:13:20 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/03/12 07:00:22 | 001,111,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/03/12 07:00:21 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/03/12 07:00:21 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/03/12 07:00:20 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/03/06 09:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
[2014/03/05 07:48:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/03/05 07:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/02/26 04:04:56 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/02/14 21:12:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2014/03/15 13:54:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\George\Desktop\OTL.exe
[2014/03/15 13:47:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/15 13:35:01 | 000,052,376 | ---- | M] () -- C:\Users\George\Documents\my usage picture.jpg
[2014/03/15 13:27:25 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/15 13:27:25 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/15 13:26:00 | 000,214,947 | ---- | M] () -- C:\Users\George\Documents\george resource monitor - saturday 15mar2014 after various cleanings and whatnot.odt
[2014/03/15 13:21:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/15 00:21:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/14 19:34:36 | 000,759,582 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/14 19:34:36 | 000,647,880 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/14 19:34:36 | 000,124,848 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/14 19:29:33 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/03/14 19:27:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/14 19:27:17 | 3082,809,344 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/14 19:19:45 | 000,000,512 | ---- | M] () -- C:\Users\George\Desktop\MBR.dat
[2014/03/14 19:14:15 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\George\Desktop\aswmbr.exe
[2014/03/14 18:44:50 | 001,037,734 | ---- | M] (Thisisu) -- C:\Users\George\Desktop\JRT.exe
[2014/03/14 06:45:58 | 000,000,628 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/03/14 06:45:58 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/03/13 23:20:24 | 000,713,819 | ---- | M] () -- C:\Users\George\Documents\9032 test strat doc.odt
[2014/03/13 21:23:26 | 002,157,056 | ---- | M] (Farbar) -- C:\Users\George\Desktop\FRST64.exe
[2014/03/13 21:00:15 | 000,000,509 | ---- | M] () -- C:\Windows\wininit.ini
[2014/03/13 19:36:20 | 000,188,212 | ---- | M] () -- C:\Users\George\Documents\george resource monitor.odt
[2014/03/13 19:29:06 | 000,001,229 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/03/13 07:39:42 | 000,346,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/13 07:15:30 | 003,415,218 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2014/03/12 08:48:05 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/03/12 08:48:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/03/12 08:47:32 | 005,777,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2014/03/12 06:25:04 | 000,000,905 | ---- | M] () -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Greenshot.lnk
[2014/03/08 12:03:30 | 000,001,718 | -H-- | M] () -- C:\Users\George\Documents\Default.rdp
[2014/03/06 18:16:15 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/03/05 07:48:26 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/04 07:29:10 | 000,002,036 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/03 20:00:45 | 000,100,532 | ---- | M] () -- C:\Users\George\Documents\rbc group rsp 28feb2014.jpg
[2014/03/03 19:59:29 | 000,134,972 | ---- | M] () -- C:\Users\George\Documents\rbc rsp 28feb2014.jpg
[2014/02/27 07:56:39 | 000,744,780 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/23 02:54:58 | 002,334,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/23 02:46:42 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/23 02:46:20 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/02/23 02:45:36 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/23 02:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/02/23 02:45:27 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/23 02:44:57 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/23 02:44:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/02/23 02:43:22 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/23 01:39:28 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/23 01:38:15 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/02/23 01:38:08 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/23 01:37:28 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/02/23 01:36:31 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/02/23 01:35:49 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2014/03/15 13:35:01 | 000,052,376 | ---- | C] () -- C:\Users\George\Documents\my usage picture.jpg
[2014/03/15 13:25:57 | 000,214,947 | ---- | C] () -- C:\Users\George\Documents\george resource monitor - saturday 15mar2014 after various cleanings and whatnot.odt
[2014/03/14 19:19:45 | 000,000,512 | ---- | C] () -- C:\Users\George\Desktop\MBR.dat
[2014/03/13 21:00:14 | 000,000,509 | ---- | C] () -- C:\Windows\wininit.ini
[2014/03/13 19:48:50 | 000,713,819 | ---- | C] () -- C:\Users\George\Documents\9032 test strat doc.odt
[2014/03/13 19:36:20 | 000,188,212 | ---- | C] () -- C:\Users\George\Documents\george resource monitor.odt
[2014/03/13 19:29:23 | 000,000,628 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/03/13 19:29:23 | 000,000,458 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2014/03/13 19:29:21 | 000,000,656 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2014/03/13 19:29:06 | 000,001,241 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/03/13 19:29:06 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/03/12 07:57:25 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2014/03/05 07:48:26 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/03 20:00:45 | 000,100,532 | ---- | C] () -- C:\Users\George\Documents\rbc group rsp 28feb2014.jpg
[2014/03/03 19:59:29 | 000,134,972 | ---- | C] () -- C:\Users\George\Documents\rbc rsp 28feb2014.jpg
[2013/10/15 19:08:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\igfxext.exe
[2013/10/15 19:08:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\wuauclt.exe
[2013/10/15 19:08:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\TODDSrv.exe
[2013/10/15 19:08:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\igfxsrvc.exe
[2013/10/15 19:08:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\igfxpers.exe
[2013/10/15 19:08:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\hkcmd.exe
[2013/10/15 19:08:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dwm.exe
[2013/10/15 19:08:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\agr64svc.exe
[2013/10/15 19:08:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\spoolsv.exe
[2013/10/15 19:08:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SLsvc.exe
[2013/10/15 19:08:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\smss.exe
[2013/10/15 19:08:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\lsass.exe
[2013/10/15 19:08:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\csrss.exe
[2013/10/15 18:53:28 | 000,000,036 | ---- | C] () -- C:\Users\George\AppData\Local\housecall.guid.cache
[2012/12/23 16:12:08 | 000,020,436 | ---- | C] () -- C:\Users\George\bpass.png
[2012/01/07 09:32:44 | 000,011,742 | -HS- | C] () -- C:\Users\George\AppData\Local\63ycxx83j164lu7wm8whe31o3b3c10535yge4608f0ye76
[2012/01/07 09:32:44 | 000,011,742 | -HS- | C] () -- C:\ProgramData\63ycxx83j164lu7wm8whe31o3b3c10535yge4608f0ye76
[2011/05/08 15:31:43 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2009/10/31 14:19:52 | 000,000,680 | ---- | C] () -- C:\Users\George\AppData\Local\d3d9caps.dat
[2009/09/28 21:53:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/07/03 18:23:17 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/06/29 18:31:56 | 000,100,352 | ---- | C] () -- C:\Users\George\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/29 03:50:15 | 000,001,460 | ---- | C] () -- C:\Users\George\AppData\Local\d3d9caps64.dat
========== ZeroAccess Check ========== [2006/11/02 11:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 03:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 22:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ========== @Alternate Data Stream - 167 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
OTL Extras logfile created on: 15/03/2014 1:58:52 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\George\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.87 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 55.08% Memory free
5.95 Gb Paging File | 3.90 Gb Available in Paging File | 65.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 214.29 Gb Total Space | 126.51 Gb Free Space | 59.04% Space Free | Partition Type: NTFS
Drive D: | 8.65 Gb Total Space | 8.55 Gb Free Space | 98.80% Space Free | Partition Type: NTFS
Computer Name: GEORGE-PC | User Name: George | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-981261398-3402016905-1835471290-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = BD 78 74 69 1D 7C CB 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4099243D-6583-4886-B14B-6968E317644E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4171B362-9719-4C26-AAFE-A06EA18C83DF}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{498D110E-36D2-4654-B635-A376E1B6B71B}" = protocol=17 | dir=in | app=c:\program files (x86)\bell\internet service advisor\servicepointservice.exe |
"{5A70C367-DA36-4EB7-87A0-1389F149C4A4}" = protocol=6 | dir=in | app=c:\users\george\appdata\local\temp\~ose452.tmp\pmropn.exe |
"{6BA45C89-826A-4D0D-B21B-B43274D848AD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{7CD5A382-9BC7-4C23-8A93-DA7B8CADC5CB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{8BB55989-85DF-40AA-8109-A975E32B8DF0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{96C1BFB2-AA61-4290-876A-EEC3C7A4ABEC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9B0CC6C2-D83B-4756-8420-3D5AB2F6E30D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A64D5733-B9FA-4BF8-9B4C-473A0F3FC321}" = protocol=6 | dir=in | app=c:\program files (x86)\bell\internet service advisor\servicepointservice.exe |
"{C71CACDB-8267-4A54-861D-AF2CBEEF62E4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E12B361A-B6C5-41D6-8F54-8A77284927C0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"TCP Query User{8399B44D-8C9F-4B99-B7C3-C21FBE3A0691}C:\users\george\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\george\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"TCP Query User{939F71EF-1DC3-4098-9D1C-F242F07702B7}C:\windows\syswow64\explorer.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\explorer.exe |
"TCP Query User{FC41B0EB-1726-42E8-BB8E-C57DFFAD6A16}C:\program files (x86)\premieropinion\pmropn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\premieropinion\pmropn.exe |
"UDP Query User{5409132E-9BA6-4CD4-AF9D-3242B33F9C3D}C:\program files (x86)\premieropinion\pmropn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\premieropinion\pmropn.exe |
"UDP Query User{AB3A582B-EA27-495D-95DE-AA771A864465}C:\users\george\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\george\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{CE144B77-2473-42AD-9181-8CB3AD8BC7A0}C:\windows\syswow64\explorer.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\explorer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{584B7A79-1262-4424-BB2E-21D8EF10DFB4}" = HP Photosmart C4340 All-In-One Driver Software 10.0 Rel .3
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{F73A118B-8271-47E2-8790-0C636B2539C5}" = iTunes
"D27D7E9318CFA89EDDE8D448B507A8EB725F5A52" = Windows Driver Package - TOSHIBA (FwLnk) System (11/19/2006 1.0.0.3)
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0B42C574-468D-4D88-8126-39BFCB6DFBD9}" = GenuTax Standard
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java 6 Update 6
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{4C3F3228-13BE-41D0-A782-3DDE7CB2479A}" = CD/DVD Drive Acoustic Silencer
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A11409F1-CD33-4076-85CB-4EE4A8439BFE}" = Scan
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A62892A7-9D90-4A58-8FFF-78FC5A2BC3C5}" = OpenOffice.org 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAAB700A-DDB7-4298-AB4B-B6E9F785059C}" = Cisco AnyConnect Secure Mobility Client
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{bb06d04a-9871-4a6b-a668-2ef483b5c2b5}" = PS_AIO_03_C4340_Software_Min
"{BFFB6CFD-13E8-4967-AA6D-A57E7280FFDA}_is1" = FreeSmith version 1.2.3
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{ed8fcd31-e06b-4103-b4f7-657b9a82e29f}" = PS_AIO_03_C4340_Software
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{FE4270D7-A642-49C1-9A40-854DA3F13FB2}_is1" = Moyea FLV Player version: 2.0.2.94
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Applian FLV and Media Player" = Applian FLV and Media Player 3.1.1.12
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"Google Chrome" = Google Chrome
"Greenshot_is1" = Greenshot
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 27.0.1 (x86 en-US)" = Mozilla Firefox 27.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"My PCBackup Removal Tool_is1" = My PCBackup Removal Tool
"OnlinePlay" = OnlinePlay 1.0
"RadialpointClientGateway_is1" = Bell Internet Service Advisor 3.7.44
"Spyware Doctor" = Spyware Doctor 8.0
"WildTangent toshiba Master Uninstall" = WildTangent Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinPcapInst" = WinPcap 4.1.1
"WM Recorder" = WM Recorder
"WM Recorder 14" = WM Recorder 14
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-981261398-3402016905-1835471290-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"WM Capture" = WM Capture
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 14/03/2014 7:27:56 PM | Computer Name = George-PC | Source = WinMgmt | ID = 10
Description =
Error - 14/03/2014 7:31:45 PM | Computer Name = George-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 14/03/2014 7:31:45 PM | Computer Name = George-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 14/03/2014 7:31:47 PM | Computer Name = George-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 14/03/2014 7:31:48 PM | Computer Name = George-PC | Source = Windows Search Service | ID = 3013
Description =
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 15/03/2014 8:08:38 AM | Computer Name = George-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
777 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 15/03/2014 8:08:38 AM | Computer Name = George-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestNetEnv File: .\NetEnvironment.cpp Line:
230 Invoked Function: CNetEnvironment::testNetwork Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 15/03/2014 8:08:58 AM | Computer Name = George-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::analyzeHttpResponse File: .\NetEnvironment.cpp
Line:
1576 Invoked Function: CCertHelper::VerifyServerCertificate Return Code: -31391704
(0xFE210028) Description: CERTIFICATE_ERROR_VERIFY_SERVERCERT_FAILED_ASKUSER:Server
certificate verification failed, and the error was an askuser error server name:
asa.rpmtec.com
Error - 15/03/2014 8:09:00 AM | Computer Name = George-PC | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
303 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31588307
(0xFE1E002D) Description: SOCKETTRANSPORT_ERROR_CONNECT_CANCELED:An asynchronous
connection has been canceled during its initiation.
Error - 15/03/2014 8:09:00 AM | Computer Name = George-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1385 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899
(0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target
Error - 15/03/2014 8:09:00 AM | Computer Name = George-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
777 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 15/03/2014 8:09:30 AM | Computer Name = George-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::analyzeHttpResponse File: .\NetEnvironment.cpp
Line:
1576 Invoked Function: CCertHelper::VerifyServerCertificate Return Code: -31391704
(0xFE210028) Description: CERTIFICATE_ERROR_VERIFY_SERVERCERT_FAILED_ASKUSER:Server
certificate verification failed, and the error was an askuser error server name:
asa.rpmtec.com
Error - 15/03/2014 8:09:32 AM | Computer Name = George-PC | Source = acvpnagent | ID = 67108866
Description = Function: CHttpProbeAsync::OnOpenRequestComplete File: .\IP\HttpProbeAsync.cpp
Line:
303 Invoked Function: CHttpSessionAsync::OnOpenRequestComplete Return Code: -31588307
(0xFE1E002D) Description: SOCKETTRANSPORT_ERROR_CONNECT_CANCELED:An asynchronous
connection has been canceled during its initiation.
Error - 15/03/2014 8:09:32 AM | Computer Name = George-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1385 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899
(0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target
Error - 15/03/2014 8:09:32 AM | Computer Name = George-PC | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
777 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
[ Spybot - Search and Destroy Events ]
Error - 13/03/2014 9:00:36 PM | Computer Name = George-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
[ System Events ]
Error - 14/03/2014 7:29:19 PM | Computer Name = George-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 14/03/2014 7:29:19 PM | Computer Name = George-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
Hi again. I also checked out my usage and it's waaaaaaaaaaaaaaaay down today and yesterday. I was avoiding going on the internet from the 6th march because it was using tonnes of usage just doing nothing, reading email or whatnot only,and it was still spiking just doing that.
Today, i've had the internet on for awhile because i had to run out and forgot to unplug my modem and computer, but returned to find that nothing's eating up usage anymore, no more downloads into the billions.
Reset
Date Downloads (GB) Uploads (GB) Daily total (GB)
Total for the period 88.300 2.889 91.189
March 15, 2014 0.311 0.039 0.350
March 14, 2014 0.271 0.028 0.299
March 13, 2014 5.492 0.100 5.592
March 12, 2014 11.549 0.217 11.766
March 11, 2014 16.959 0.287 17.246
March 10, 2014 5.245 0.098 5.343
March 09, 2014 1.168 0.125 1.293
March 08, 2014 1.689 0.169 1.858
March 07, 2014 7.166 0.156 7.322
March 06, 2014 12.922 0.275 13.197
March 05, 2014 16.965 0.329 17.294
March 04, 2014 0.710 0.040 0.750
March 03, 2014 0.572 0.035 0.607
March 02, 2014 0.584 0.139 0.723
March 01, 2014 1.154 0.135 1.289
February 28, 2014 0.536 0.071 0.607