Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Internet explorer running in background and high Rundll32 CPU


  • Please log in to reply

#1
Rachou

Rachou

    New Member

  • Member
  • Pip
  • 1 posts
Hi, my internet explorer is running by itself in the background, and I can't kill it. Whenever I try, it starts again, and also, for some reasons, it "actives" several Rundlll32 process, which have a high CPU usage and completely block my computer. I can't do anything until I start the computer in safe mode (But I still encountered a high Rundll32 CPU usage on safe mode). Any idea what it is? I'm not too good at computers, but it is a toshiba, running on windows vista. I attached a log from OTL, I ran it on safe mode with networking. Thank you for your help.



OTL logfile created on: 5/11/2013 12:44:43 AM - Run 1
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Rachel G\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19412)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.69 Mb Total Physical Memory | 111.61 Mb Available Physical Memory | 11.01% Memory free
2.25 Gb Paging File | 1.52 Gb Available in Paging File | 67.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.32 Gb Total Space | 12.55 Gb Free Space | 11.38% Space Free | Partition Type: NTFS

Computer Name: RACHELG-PC | User Name: Rachel G | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/11 00:44:23 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Rachel G\Downloads\OTL.exe
PRC - [2013/04/12 14:50:14 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/03/12 14:34:56 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/12 14:50:12 | 016,032,648 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_169.dll
MOD - [2013/03/12 14:34:55 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll


========== Services (SafeList) ==========

SRV - [2013/04/12 14:50:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/11 10:28:08 | 000,093,984 | ---- | M] (Conduit) [Auto | Stopped] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/29 16:20:38 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Stopped] -- C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe -- (VideoDownloadConverter_4zService)
SRV - [2012/12/23 23:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton Identity Safe\Engine\2013.3.3.19\ccSvcHst.exe -- (NCO)
SRV - [2012/12/23 23:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton AntiVirus\Engine\20.3.1.22\ccSvcHst.exe -- (NAV)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/08/21 15:43:58 | 000,794,272 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012/08/03 17:22:18 | 000,352,248 | ---- | M] (Verizon) [Auto | Stopped] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2012/01/18 02:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/05/20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 03:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 03:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/09/19 15:01:12 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/03/29 14:39:20 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/02/26 01:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/25 22:47:50 | 000,136,816 | ---- | M] () [Auto | Stopped] -- C:\TOSHIBA\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/11/15 00:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/05/25 22:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Tosrfcom)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\sysprep\UP_date\PEDrv.sys -- (SVRPEDRV)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\rp_skt32.sys -- (RPSKT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\NPF.sys -- (NPF)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys -- (IO_Memory)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\coShared\CW\1.5\CO_Mon.sys -- (CWMonitor)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\RACHEL~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2013/05/10 23:39:16 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013/04/24 13:48:32 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\VirusDefs\20130510.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/04/24 13:48:32 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/04/24 13:48:32 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\VirusDefs\20130510.003\NAVENG.SYS -- (NAVENG)
DRV - [2013/04/12 19:53:06 | 001,000,024 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\BASHDefs\20130502.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/03/11 12:52:17 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
DRV - [2013/01/30 23:18:18 | 000,350,368 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NAV\1403010.016\symtdiv.sys -- (SYMTDIv)
DRV - [2013/01/30 23:18:06 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NAV\1403010.016\symefa.sys -- (SymEFA)
DRV - [2013/01/28 21:45:18 | 000,602,712 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\NAV\1403010.016\srtsp.sys -- (SRTSP)
DRV - [2013/01/28 21:45:18 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NAV\1403010.016\srtspx.sys -- (SRTSPX)
DRV - [2013/01/21 22:15:32 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NAV\1403010.016\symds.sys -- (SymDS)
DRV - [2012/11/15 22:22:01 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NAV\1403010.016\ironx86.sys -- (SymIRON)
DRV - [2012/11/15 22:18:04 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NST\7DD03030.013\ccsetx86.sys -- (ccSet_NST)
DRV - [2012/11/15 22:18:04 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NAV\1403010.016\ccsetx86.sys -- (ccSet_NAV)
DRV - [2012/10/19 21:32:56 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/10/19 15:31:04 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\Definitions\IPSDefs\20130509.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/10/19 01:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/01/18 02:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 02:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/20 16:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/05/07 19:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/05/07 14:51:20 | 000,114,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/04/11 00:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008/05/16 11:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic)
DRV - [2008/05/16 11:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5)
DRV - [2008/05/16 11:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 11:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 11:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV - [2008/05/16 11:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 11:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus)
DRV - [2008/01/09 13:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/09/19 14:59:12 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2007/06/01 17:07:48 | 000,252,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007/04/03 14:59:38 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mdm.sys -- (s616mdm)
DRV - [2007/04/03 14:59:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mdfl.sys -- (s616mdfl)
DRV - [2007/04/03 13:59:42 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616unic.sys -- (s616unic)
DRV - [2007/04/03 13:59:42 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616obex.sys -- (s616obex)
DRV - [2007/04/03 13:59:42 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616nd5.sys -- (s616nd5)
DRV - [2007/04/03 13:59:40 | 000,100,360 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616mgmt.sys -- (s616mgmt)
DRV - [2007/04/03 13:59:30 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616bus.sys -- (s616bus)
DRV - [2007/01/24 18:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/28 19:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/20 02:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 02:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10I.sys -- (KR10I)
DRV - [2006/11/09 02:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\KR10N.sys -- (KR10N)
DRV - [2006/10/18 15:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/06 02:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2006/09/27 08:06:00 | 000,479,488 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\kr3npxp.sys -- (KR3NPXP)
DRV - [2002/07/17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [2002/03/09 23:37:50 | 000,006,144 | ---- | M] (Elaborate Bytes) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RegKill.sys -- (RegKill)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKLM\..\SearchScopes,DefaultScope = {61A566B1-C38C-4511-8795-B3816F5F8D2F}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...nType=tb50trie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...050&SSPV=IEOB15
IE - HKLM\..\SearchScopes\{BC37B0C6-1699-454D-815B-74DB6873EE31}: "URL" = http://www.google.co...ge={startPage};

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3287375
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperba...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperba...q={searchTerms}
IE - HKCU\..\URLSearchHook: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No CLSID value found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {61A566B1-C38C-4511-8795-B3816F5F8D2F}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms}
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...nType=tb50trie7
IE - HKCU\..\SearchScopes\{0F1B56B8-77C1-4B5E-AF46-DF92BE690CC7}: "URL" = http://us.yhs4.searc...p={searchTerms}
IE - HKCU\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcas...q={searchTerms}
IE - HKCU\..\SearchScopes\{4F11ACBB-393F-4c86-A214-FF3D0D155CC3}: "URL" = http://search.burn4f...rc=search-field
IE - HKCU\..\SearchScopes\{61A566B1-C38C-4511-8795-B3816F5F8D2F}: "URL" = http://search.condui...8957601369&UM=2
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.se...e=en_US&tpr=111
IE - HKCU\..\SearchScopes\{BC37B0C6-1699-454D-815B-74DB6873EE31}: "URL" = http://www.google.co...&rlz=1I7TSHB_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Vafmusic Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Vafmusic Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: {C66C2797-53EF-40BA-BB6A-10B8BDC297A8}:1.9.1
FF - prefs.js..extensions.enabledAddons: {E0FEDDBB-9513-4AB4-9E99-6B354A4E3B33}:1.9.1
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}:6.0.41
FF - prefs.js..extensions.enabledAddons: [email protected]:0.72.17
FF - prefs.js..extensions.enabledAddons: 4zffxtbr@VideoDownloadConverter_4z.com:2.71.0.61832
FF - prefs.js..extensions.enabledAddons: [email protected]:3.2
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.3.0.9 - 5
FF - prefs.js..extensions.enabledItems: [email protected]:0.72.17
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 3
FF - prefs.js..extensions.enabledItems: 4zffxtbr@VideoDownloadConverter_4z.com:2.71.0.61832
FF - prefs.js..extensions.enabledItems: {C66C2797-53EF-40BA-BB6A-10B8BDC297A8}:1.9.1
FF - prefs.js..extensions.enabledItems: {E0FEDDBB-9513-4AB4-9E99-6B354A4E3B33}:1.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}:6.0.41
FF - prefs.js..keyword.URL: "http://search.condui...281258&UM=2&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Rachel G\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/12 21:13:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\CodecCheck\firefox [2011/08/13 22:08:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\IPSFFPlgn\ [2012/10/20 14:16:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.1.1.7\coFFPlgn\ [2013/05/10 22:07:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin [2012/12/29 16:21:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/10 14:44:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/16 16:44:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/12 21:13:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{C66C2797-53EF-40BA-BB6A-10B8BDC297A8}: C:\Users\Rachel G\AppData\Local\{C66C2797-53EF-40BA-BB6A-10B8BDC297A8} [2011/05/07 23:24:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{E0FEDDBB-9513-4AB4-9E99-6B354A4E3B33}: C:\Users\Rachel G\AppData\Local\{E0FEDDBB-9513-4AB4-9E99-6B354A4E3B33} [2011/08/29 20:11:28 | 000,000,000 | ---D | M]

[2013/02/27 00:32:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel G\AppData\Roaming\Mozilla\Extensions
[2010/06/11 11:14:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel G\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/05/10 22:41:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel G\AppData\Roaming\Mozilla\Firefox\Profiles\g45zdcnf.default\extensions
[2013/03/04 21:53:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rachel G\AppData\Roaming\Mozilla\Firefox\Profiles\g45zdcnf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/01/19 01:49:12 | 000,005,100 | ---- | M] () (No name found) -- C:\Users\Rachel G\AppData\Roaming\Mozilla\Firefox\Profiles\g45zdcnf.default\extensions\[email protected]
[2013/05/10 22:38:28 | 000,000,993 | ---- | M] () -- C:\Users\Rachel G\AppData\Roaming\Mozilla\Firefox\Profiles\g45zdcnf.default\searchplugins\conduit.xml
[2013/03/11 13:16:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/27 01:30:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}
[2012/12/29 16:21:03 | 000,000,000 | ---D | M] (VideoDownloadConverter) -- C:\PROGRAM FILES\VIDEODOWNLOADCONVERTER_4Z\BAR\1.BIN
[2011/08/13 22:08:30 | 000,000,000 | ---D | M] ("Premiumplay Codec-C") -- C:\PROGRAMDATA\CODECCHECK\FIREFOX
[2012/10/20 14:16:51 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.1.5\IPSFFPLGN
[2011/05/07 23:24:37 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\RACHEL G\APPDATA\LOCAL\{C66C2797-53EF-40BA-BB6A-10B8BDC297A8}
[2011/08/29 20:11:28 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\RACHEL G\APPDATA\LOCAL\{E0FEDDBB-9513-4AB4-9E99-6B354A4E3B33}
[2013/03/12 14:34:57 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/11/06 12:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2009/11/06 12:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2013/03/12 14:34:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/03/12 14:34:48 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/02/28 16:04:46 | 000,020,569 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\xfinity.xml

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2013.3.3.19\coieplg.dll (Symantec Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {C90DBB52-46E0-4E65-92BC-799ADEE54C86} - C:\Program Files\Flash2X\Flash Player\FlashPlayer.dll ()
O2 - BHO: (getsav-in 5.0) - {FE78FDD5-BE5A-47A2-B772-2BFE82630C17} - C:\Users\Rachel G\AppData\Local\getsav-in\ie\getsav-in_1368239101.dll ()
O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2013.3.3.19\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2013.3.3.19\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [SDVDC] C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Rachel G\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_41)
O16 - DPF: {CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_41)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_41)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BCB3EAE-FB8F-4141-8934-8A0E11E5B570}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBCEC8C8-8DDA-4014-B428-FED0EEFC40F8}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8fe4e8b0-022c-11df-be0f-00a0d19c6fd9}\Shell\AutoRun\command - "" = E:\rcaDVM_setup.exe
O33 - MountPoints2\{8fe4e8b0-022c-11df-be0f-00a0d19c6fd9}\Shell\install\command - "" = E:\rcaDVM_setup.exe
O33 - MountPoints2\{aa539072-e2cd-11df-b311-00a0d19c6fd9}\Shell - "" = AutoRun
O33 - MountPoints2\{aa539072-e2cd-11df-b311-00a0d19c6fd9}\Shell\AutoRun\command - "" = F:\MediaManager.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\MediaManager.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/10 23:23:14 | 000,000,000 | ---D | C] -- C:\Users\Rachel G\Desktop\RK_Quarantine
[2013/05/10 22:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/05/10 22:41:54 | 000,000,000 | ---D | C] -- C:\Program Files\DomaIQ Uninstaller
[2013/05/10 22:40:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/05/10 22:40:27 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/05/10 22:40:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/05/10 22:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\PC Optimizer Pro
[2013/05/10 22:32:32 | 000,000,000 | ---D | C] -- C:\Users\Rachel G\AppData\Local\getsav-in
[2013/05/10 22:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
[2013/05/10 14:50:12 | 000,000,000 | ---D | C] -- C:\Users\Rachel G\AppData\Local\VisualBeeClient
[2013/05/10 14:48:36 | 000,000,000 | ---D | C] -- C:\Users\Rachel G\AppData\Local\VisualBeeExe
[2013/05/10 14:44:16 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2013/05/10 14:44:12 | 000,000,000 | ---D | C] -- C:\Users\Rachel G\AppData\Roaming\SearchProtect
[2013/05/10 14:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\VisualBee
[2013/05/08 17:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/05/08 17:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/05/08 15:17:50 | 000,000,000 | ---D | C] -- C:\Users\Rachel G\AppData\Local\SDVDC
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Rachel G\Documents\*.tmp files -> C:\Users\Rachel G\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/10 23:39:16 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/05/10 23:18:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/10 22:44:31 | 000,000,775 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/05/10 22:41:44 | 000,000,895 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/05/10 22:38:56 | 000,000,009 | ---- | M] () -- C:\END
[2013/05/10 22:06:15 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2013/05/10 22:05:35 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/10 22:05:18 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/10 22:05:17 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/10 22:05:12 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/10 22:05:12 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/10 14:40:55 | 001,149,932 | ---- | M] () -- C:\Users\Rachel G\Desktop\ProcessExplorer.zip
[2013/05/10 14:33:35 | 000,006,540 | ---- | M] () -- C:\Users\Rachel G\AppData\Local\d3d9caps.dat
[2013/05/09 18:03:39 | 000,604,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/09 18:03:39 | 000,104,420 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/08 17:05:24 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/05/05 23:28:57 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2013/04/19 00:21:21 | 000,000,980 | ---- | M] () -- C:\Users\Rachel G\Desktop\Dropbox.lnk
[2013/04/14 14:46:41 | 000,179,006 | ---- | M] () -- C:\Users\Rachel G\.TransferManager.db
[2013/04/12 14:34:33 | 002,428,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Rachel G\Documents\*.tmp files -> C:\Users\Rachel G\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/10 22:40:29 | 000,000,895 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/05/10 14:41:19 | 000,000,009 | ---- | C] () -- C:\END
[2013/05/10 14:40:44 | 001,149,932 | ---- | C] () -- C:\Users\Rachel G\Desktop\ProcessExplorer.zip
[2013/05/08 17:05:24 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/01/10 00:42:26 | 000,179,006 | ---- | C] () -- C:\Users\Rachel G\.TransferManager.db
[2013/01/06 02:00:12 | 000,021,494 | ---- | C] () -- C:\Program Files\0x0409.ini
[2013/01/06 02:00:12 | 000,003,584 | ---- | C] () -- C:\Program Files\1033.MST
[2012/11/05 14:18:18 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2012/11/05 14:18:18 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2012/10/28 17:53:01 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2012/06/14 16:00:38 | 000,000,132 | ---- | C] () -- C:\Users\Rachel G\webct_upload_applet.properties
[2012/06/06 12:57:08 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2012/02/24 00:49:07 | 000,264,044 | ---- | C] () -- C:\Users\Rachel G\HP_192.168.2.2_CN08IM22Z105J7
[2012/01/18 02:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012/01/18 02:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012/01/18 02:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012/01/17 01:44:38 | 000,008,192 | -H-- | C] () -- C:\Users\Rachel G\photothumb.db
[2011/12/26 17:35:35 | 000,055,020 | ---- | C] () -- C:\Users\Rachel G\startupreport.htm
[2011/11/16 21:40:38 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/08/12 13:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/05/20 19:02:54 | 000,001,940 | ---- | C] () -- C:\Users\Rachel G\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/07 23:25:08 | 000,000,000 | ---- | C] () -- C:\Users\Rachel G\AppData\Local\Qpuxogodobuvog.bin
[2011/05/07 23:25:04 | 000,000,120 | ---- | C] () -- C:\Users\Rachel G\AppData\Local\Whufunajaz.dat
[2011/02/09 19:12:54 | 000,051,985 | ---- | C] () -- C:\Users\Rachel G\IE9_BlockerHelp.htm
[2011/01/25 17:20:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/05 23:00:38 | 000,001,820 | ---- | C] () -- C:\Users\Rachel G\IE9_Blocker.cmd
[2011/01/05 23:00:38 | 000,001,764 | ---- | C] () -- C:\Users\Rachel G\IE9_Blocker.adm
[2010/12/31 17:51:18 | 000,036,816 | ---- | C] () -- C:\Users\Rachel G\IE9_BlockerHelp-GPFilteringDialog.jpg
[2009/08/12 13:15:06 | 000,006,540 | ---- | C] () -- C:\Users\Rachel G\AppData\Local\d3d9caps.dat
[2008/12/21 12:54:01 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/05/19 04:11:17 | 000,032,506 | ---- | C] () -- C:\Users\Rachel G\AppData\Roaming\wklnhst.dat
[2008/04/05 19:56:11 | 000,071,168 | ---- | C] () -- C:\Users\Rachel G\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/03/11 13:14:35 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Ad-Aware Antivirus
[2010/06/21 11:53:32 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Amazon
[2012/12/14 18:25:31 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\AnvSoft
[2012/11/17 17:14:57 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Audacity
[2011/09/12 15:12:14 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Auslogics
[2011/10/23 11:15:44 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Avery
[2012/01/20 18:04:53 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\cacaoweb
[2013/05/09 18:21:41 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Dropbox
[2012/11/24 13:54:02 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\DVDVideoSoft
[2012/11/05 11:46:55 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\e-academy Inc
[2010/04/25 16:40:11 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Facebook
[2009/05/18 22:04:54 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\KNVB
[2010/11/26 14:11:30 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Leadertech
[2012/09/29 12:30:43 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\OpenCandy
[2009/05/17 22:52:52 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\OpenOffice.org
[2009/11/26 12:44:07 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\OxelonMC
[2012/07/20 03:08:01 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\PhotoScape
[2012/06/06 12:54:18 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Product_RM
[2012/06/06 18:39:15 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Registry Mechanic
[2011/09/05 00:18:04 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\RegistryKeys
[2012/01/02 00:27:18 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Samsung
[2013/05/10 22:38:28 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\SearchProtect
[2009/08/22 23:02:25 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\SecondLife
[2012/01/01 23:45:44 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\SoftGrid Client
[2012/11/22 15:14:48 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\SPSSInc
[2008/05/19 04:11:21 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Template
[2010/05/14 16:56:42 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Tific
[2008/05/10 15:45:02 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\TOSHIBA
[2011/12/28 20:40:45 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\TP
[2011/09/12 15:37:15 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\TuneUp Software
[2008/04/05 19:53:45 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\WinBatch
[2011/12/25 11:08:48 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\Youtube Downloader HD
[2012/12/29 14:37:40 | 000,000,000 | ---D | M] -- C:\Users\Rachel G\AppData\Roaming\ZiggyTV

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:C096C7C88C3BB3E6
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

OTL Extras logfile created on: 5/11/2013 12:44:43 AM - Run 1
OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Rachel G\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19412)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.69 Mb Total Physical Memory | 111.61 Mb Available Physical Memory | 11.01% Memory free
2.25 Gb Paging File | 1.52 Gb Available in Paging File | 67.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.32 Gb Total Space | 12.55 Gb Free Space | 11.38% Space Free | Partition Type: NTFS

Computer Name: RACHELG-PC | User Name: Rachel G | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Unable to open value key
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D9FD86-4466-4372-9063-064DCA085CA4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{081EE217-3BDB-476A-8FB4-B84DCE638219}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{215F9B89-654D-4183-94FB-7B3DFF7F24F7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7771A35D-2852-4294-BFF9-3D6EA5FC0684}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{802A09C1-8CD6-450B-BB51-C829BB35C1C7}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{8AFEA8FE-5F86-4EDC-94AF-CA767AEFE3AE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{90776BB1-D607-490A-A83F-9B75DB42D396}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ABE9AC58-ED16-4FE2-B832-602CB47A9F7B}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{B2A1B584-19B9-4F5D-8CA3-C15510CF537B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CEDE74E6-DDE0-4E88-822B-A471B74F569E}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{D448B026-B4C7-449A-B70B-8EBAE92FB5B7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DBC79259-188A-468D-AA3F-D72F0F0530EC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{ECFD8E50-3009-44C1-AB5C-43C4CA8CFAA2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0303E8AF-EEE4-4E83-BC8D-5A72CB94262E}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{0450256C-D970-4A84-9CB7-69BD817C80B5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{0C00356D-A869-4549-A19C-8486F0C5F3CD}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{0F7C2767-CB53-49DB-8CBA-6EBFF22980DA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{110C692D-BF16-4301-A732-4EABD4926E4B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{13AEF7EF-A511-4979-83E2-D06EC438FC40}" = protocol=6 | dir=in | app=c:\users\rachel g\appdata\roaming\dropbox\bin\dropbox.exe |
"{18FB68F6-985C-4F75-8351-B5F6C54A82B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1C14B42E-D4C9-4562-82C2-DCB18DA83C29}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{241FC71A-852C-4D30-ADE3-84C632E2F765}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{269857A3-E690-4751-B318-363C91DD5F8A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{269FABC5-703A-4263-8B30-F49C04EE67B6}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{28581E55-3881-439E-A93A-DD2DBC3BF6A8}" = protocol=6 | dir=out | app=system |
"{297E6D14-7A3E-4001-86FC-3E553D126CAD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{2CCE7654-A491-40AA-90B4-B8429BD18D22}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3484AC85-9B1F-4D43-B560-9D2FE0A2CCEA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{3D074F73-B2EE-4F66-AC56-0DB7260AB636}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3E3B34D3-EBAC-4BF5-9F60-9D07231C9AE2}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{44E0F086-C17D-48D8-BCCE-4A1BFDD9369D}" = protocol=17 | dir=in | app=c:\users\rachel g\appdata\roaming\dropbox\bin\dropbox.exe |
"{5AE1386E-D82B-4DBE-A02E-3D500FF59C29}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{6857677C-CB35-4173-85DE-D34B9D37897A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{69CCEAB6-74B0-428F-8B25-F954AE83794B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{723610A2-29A2-4CD7-8EEE-3613A2AC8C0C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8A49513D-0D84-41A3-9472-B5A142BE3D1E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8CD8A269-D6A3-4549-9EFB-D2D204876881}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9ABFB799-2631-40CB-9745-2F61D9BCBFF1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{9CAD18B6-2F56-407B-A68E-124E2CF9780B}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{A0AB1043-4009-4FBB-941A-E1E8178F581A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B72B913A-A750-48C0-84F4-4F9FDFE6E544}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BB81982A-A8B6-4875-90C3-CFA605C17FD3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BBEC62FF-8319-4B39-97D6-1860492E2540}" = dir=in | app=d:\setup\hpznui01.exe |
"{C5AC94EE-ADFC-4273-A7C9-9EF1DCD83779}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{C76C94EA-8F10-44CE-A516-3C799185D09E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C9D580BC-6BD5-4D6A-BCD0-850957534D90}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{CA29CB7F-37C6-481B-8A31-5E8BB4AD4673}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{D11D742A-CC34-4ACD-9018-F78C0E861CA0}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{D45CBA6C-2CD8-423E-9A8B-72AB8DBC4140}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D52FBB9E-AD8B-48F7-BF64-5A31432F89CF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{D6BDCFDE-B19D-4D99-8E8C-75BC87D725EA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6D73C57-2EA7-4D9F-89C7-8F6D50C83464}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"TCP Query User{0E96A95A-FD88-47DE-BFB3-68E4BB5689CB}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{29CC6AEF-79F8-488E-AD34-4A5B9EC414B0}C:\users\rachel g\appdata\roaming\cacaoweb\cacaoweb.exe" = protocol=6 | dir=in | app=c:\users\rachel g\appdata\roaming\cacaoweb\cacaoweb.exe |
"UDP Query User{6E4543D1-5EB6-4D6E-85B2-0CA0DBE5C6F0}C:\users\rachel g\appdata\roaming\cacaoweb\cacaoweb.exe" = protocol=17 | dir=in | app=c:\users\rachel g\appdata\roaming\cacaoweb\cacaoweb.exe |
"UDP Query User{C23EEF2E-D56B-4DB0-8415-D935958C5BDB}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{011A2240-08DF-45BB-AA4E-1A78637CCF80}" = RPS CRT
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216041FF}" = Java™ 6 Update 41
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2BDF38E0-1A7F-4220-B4B7-118DD45E5E13}" = TOSHIBA Supervisor Password
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{32821558-2C36-4FD0-A891-CA65360B0EC7}" = DesignPro 5
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5667B2-5D13-46C2-85B5-9D46A6096F61}" = Secure Download Manager
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}" = PS_AIO_06_C4700_SW_Min
"{546A2519-87BD-4E23-B35F-43EF9EB82D9C}" = NCLEX-RN 4000 - Individual Version
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68550918-63B5-4762-85CB-3C160AA4B213}" = HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{7095FD27-37F0-4750-9DE8-D37DC0043706}" = REALTEK RTL8187B Wireless LAN Driver
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{890EF3F8-742F-46BD-9E8E-084B3A1F4364}" = QuickBooks Financial Center
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B5978DF3-8A04-4F22-AF67-8CCE52E04B13}" = C4700
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFC85CDC-BD7C-4FDD-9507-8D74B5A79404}" = TOSHIBA Hardware Setup
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"AnmanieSMP_is1" = AnmanieSMP 2.4 i
"CCleaner" = CCleaner
"DVD Region Killer" = DVD Region Killer
"Free DVD Ripper 2.25_is1" = Free DVD Ripper Version 2.25
"getsav-in" = getsav-in
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}" = DesignPro 5
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"KNVB" = KNVB Version 4.5.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"NAV" = Norton AntiVirus
"NST" = Norton Identity Safe
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PhotoPad" = PhotoPad Image Editor
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"RCA Digital Voice Manager_is1" = RCA Digital Voice Manager 5.0.3.1
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.1
"SearchProtect" = Search Protect by conduit
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Uninstall_is1" = Uninstall 1.0.0.1
"VDC_is1" = Video Download Converter version 1.0.0.0
"VideoDownloadConverter_4zbar Uninstall" = VideoDownloadConverter Toolbar
"VLC media player" = VLC media player 2.0.5
"Windows Media Encoder 9" = Windows Media Encoder 9 Series

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Facebook Plug-In" = Facebook Plug-In
"Kies Air Discovery Service" = Kies Air Discovery Service

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/8/2013 2:16:29 PM | Computer Name = RachelG-PC | Source = Windows Search Service | ID = 3038
Description =

Error - 5/8/2013 2:17:27 PM | Computer Name = RachelG-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 5/8/2013 2:17:27 PM | Computer Name = RachelG-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 5/8/2013 2:17:35 PM | Computer Name = RachelG-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 5/9/2013 8:28:06 PM | Computer Name = RachelG-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19412, time stamp
0x51306ca3, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6,
exception code 0xc0000005, fault offset 0x000495fd, process id 0x1698, application
start time 0x01ce4d14d91f0e0c.

Error - 5/10/2013 2:32:25 PM | Computer Name = RachelG-PC | Source = EventSystem | ID = 4609
Description =

Error - 5/10/2013 2:44:32 PM | Computer Name = RachelG-PC | Source = CltMngSvc | ID = 1000
Description =

Error - 5/10/2013 10:20:35 PM | Computer Name = RachelG-PC | Source = EventSystem | ID = 4609
Description =

Error - 5/10/2013 10:38:55 PM | Computer Name = RachelG-PC | Source = CltMngSvc | ID = 1000
Description =

Error - 5/10/2013 11:19:35 PM | Computer Name = RachelG-PC | Source = EventSystem | ID = 4609
Description =

[ Media Center Events ]
Error - 4/4/2010 12:18:26 AM | Computer Name = RachelG-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

Error - 4/20/2010 12:25:04 PM | Computer Name = RachelG-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

[ System Events ]
Error - 5/10/2013 10:20:40 PM | Computer Name = RachelG-PC | Source = DCOM | ID = 10005
Description =

Error - 5/10/2013 10:20:55 PM | Computer Name = RachelG-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 5/10/2013 10:20:55 PM | Computer Name = RachelG-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 5/10/2013 10:33:15 PM | Computer Name = RachelG-PC | Source = DCOM | ID = 10005
Description =

Error - 5/10/2013 10:40:10 PM | Computer Name = RachelG-PC | Source = DCOM | ID = 10005
Description =

Error - 5/10/2013 11:18:57 PM | Computer Name = RachelG-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:17:14 PM on 5/10/2013 was unexpected.

Error - 5/10/2013 11:19:35 PM | Computer Name = RachelG-PC | Source = DCOM | ID = 10005
Description =

Error - 5/10/2013 11:19:43 PM | Computer Name = RachelG-PC | Source = DCOM | ID = 10005
Description =

Error - 5/10/2013 11:20:17 PM | Computer Name = RachelG-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 5/10/2013 11:20:17 PM | Computer Name = RachelG-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP