OTL logfile created on: 9/4/2013 8:57:52 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Servpro\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.96 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 55.04% Memory free
3.93 Gb Paging File | 2.89 Gb Available in Paging File | 73.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134.32 Gb Total Space | 89.43 Gb Free Space | 66.58% Space Free | Partition Type: NTFS
Drive D: | 271.22 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 7.45 Gb Total Space | 6.98 Gb Free Space | 93.63% Space Free | Partition Type: FAT32
Computer Name: MARYS-PC | User Name: Mary's | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/09/03 09:25:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Servpro\Desktop\OTL.com
PRC - [2013/04/09 16:02:36 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/03/13 06:26:52 | 003,845,464 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2tray.exe
PRC - [2013/03/13 06:26:52 | 001,319,768 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe
PRC - [2013/03/13 06:26:50 | 002,511,192 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2pre.exe
PRC - [2013/03/13 06:26:46 | 002,613,080 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToMyPC\g2comm.exe
PRC - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/09/06 21:11:30 | 001,327,104 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCcUxSys.exe
PRC - [2012/09/06 21:06:14 | 000,393,216 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCtrlCntr.exe
PRC - [2012/06/06 15:31:56 | 003,076,096 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe
PRC - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Browny02\BrYNSvc.exe
PRC - [2011/09/21 17:40:11 | 000,117,648 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
PRC - [2011/09/07 10:59:00 | 000,569,072 | ---- | M] (CrossLoop) -- C:\Users\Mary's\AppData\Local\CrossLoop\CrossLoopService.exe
PRC - [2011/03/15 14:02:05 | 000,901,600 | ---- | M] () -- C:\Program Files\Business-in-a-Box\BIBLauncher.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/09/14 14:03:58 | 000,984,352 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2010/09/14 12:45:30 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2010/03/09 00:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\pptd40nt.exe
PRC - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010/03/05 20:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
PRC - [2009/11/12 09:55:30 | 000,203,776 | ---- | M] (Microsoft) -- C:\dell\DBRM\Reminder\DbrmTrayicon.exe
PRC - [2009/08/26 15:49:00 | 002,691,072 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe
PRC - [2009/08/14 11:30:56 | 000,015,872 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
PRC - [2009/07/27 11:18:02 | 000,134,656 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2009/07/13 18:14:29 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationHost.exe
PRC - [2009/06/24 19:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/11 20:46:46 | 000,656,384 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
PRC - [2009/06/11 17:43:08 | 001,622,016 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
========== Modules (No Company Name) ========== MOD - [2012/07/07 15:50:23 | 000,036,352 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2012/06/14 03:33:10 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:33:04 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/12 03:42:24 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/05/12 03:38:45 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/12 03:38:42 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/12 03:38:41 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/12 03:38:25 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/03/15 14:02:05 | 000,901,600 | ---- | M] () -- C:\Program Files\Business-in-a-Box\BIBLauncher.exe
MOD - [2010/02/11 13:04:45 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Status Lib\1.6.320.13950__f25c74fcad379103\Status Lib.dll
MOD - [2010/02/11 13:04:45 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\StatusInterfaces\1.6.320.13949__4ca2a925deedf37d\StatusInterfaces.dll
MOD - [2009/07/27 11:15:32 | 000,249,856 | ---- | M] () -- C:\Windows\System32\wxvault.dll
MOD - [2009/06/03 11:07:50 | 000,010,752 | ---- | M] () -- C:\Windows\System32\Wavx_ESC_Logging.dll
MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
MOD - [2008/11/12 12:24:40 | 000,004,608 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
========== Services (SafeList) ========== SRV - [2013/08/20 12:30:09 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/13 06:26:52 | 001,319,768 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Auto | Running] -- C:\Program Files\Citrix\GoToMyPC\g2svc.exe -- (GoToMyPC)
SRV - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2011/09/21 17:40:11 | 000,117,648 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\3.8.3.6\ccSvcHst.exe -- (N360)
SRV - [2011/09/07 10:59:00 | 000,569,072 | ---- | M] (CrossLoop) [Auto | Running] -- C:\Users\Mary's\AppData\Local\CrossLoop\CrossLoopService.exe -- (CrossLoopService)
SRV - [2010/09/14 12:45:30 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2010/02/25 17:09:49 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 18:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/11 17:43:08 | 001,622,016 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2009/06/03 11:15:24 | 001,019,904 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2008/11/12 12:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2008/08/08 21:10:46 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
========== Driver Services (SafeList) ========== DRV - [2013/07/30 03:15:46 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130730.003\navex15.sys -- (NAVEX15)
DRV - [2013/07/30 03:15:46 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130730.003\naveng.sys -- (NAVENG)
DRV - [2013/07/19 17:13:40 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20130730.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/03/13 06:15:48 | 000,028,416 | ---- | M] (Citrix Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\monblanking.sys -- (monblanking)
DRV - [2012/07/31 17:34:46 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/07/31 17:34:45 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/09/21 17:40:13 | 000,467,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0308030.006\cchpx86.sys -- (ccHP)
DRV - [2011/09/21 17:40:13 | 000,217,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0308030.006\symtdi.sys -- (SYMTDI)
DRV - [2011/09/21 17:40:13 | 000,089,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\N360\0308030.006\symfw.sys -- (SYMFW)
DRV - [2011/09/21 17:40:13 | 000,048,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\N360\0308030.006\symndisv.sys -- (SYMNDISV)
DRV - [2010/11/20 05:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 05:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 05:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 02:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 02:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/02/24 12:43:49 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/02/24 12:43:42 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0308030.006\SymEFA.sys -- (SymEFA)
DRV - [2010/02/24 12:43:42 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\N360\0308030.006\srtsp.sys -- (SRTSP)
DRV - [2010/02/24 12:43:42 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0308030.006\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/02/24 12:43:42 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0308030.006\srtspx.sys -- (SRTSPX)
DRV - [2010/02/24 12:43:42 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/09/04 10:35:00 | 002,747,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTDVHDA.sys -- (IntcAzAudAddService)
DRV - [2009/07/27 11:17:56 | 000,200,192 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2009/07/13 17:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/06/20 05:34:56 | 000,273,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2009/05/11 10:55:12 | 000,084,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\basp.sys -- (Blfp)
DRV - [2008/06/04 13:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2005/06/20 10:12:00 | 000,215,040 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sis163u.sys -- (SIS163u)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{0805CFF4-599A-4BF8-8FE9-608B2D364D7F}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKLM\..\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}: "URL" =
http://search.mywebs...r={searchTerms}IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/USREL/1IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
https://www.sso.serv...MTcyLjEuMS4xMjIIE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/10/11 10:24:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/04/09 16:03:26 | 000,000,000 | ---D | M]
[2012/09/26 10:58:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
http://www.google.com/CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\google\chrome\application\22.0.1229.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Mary's\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Mary's\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealDownloader = C:\Users\Mary's\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0\
CHR - Extension: Gmail = C:\Users\Mary's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 14:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.8.3.6\IPSBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DBRMTray] C:\dell\DBRM\Reminder\DbrmTrayicon.exe (Microsoft)
O4 - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PPort12reminder] C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SelectRebates] C:\Program Files\SelectRebates\SelectRebates.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [BIBLauncher] C:\Program Files\Business-in-a-Box\BIBLauncher.exe ()
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKLM..\RunOnce: [DBRMTray] C:\dell\DBRM\Reminder\TrayApp.exe (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
http://l.yimg.com/jh...aploader_v6.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4EADCC00-63D2-4599-9C98-1BB5A1240CC5}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE20CC82-747C-4D7F-8B76-7BCE8C73CFAA}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Authentication Packages - (wvauth) - C:\Windows\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/03/28 07:50:44 | 000,000,000 | ---D | M] - D:\AUTORUN -- [ CDFS ]
O32 - AutoRun File - [2007/10/09 08:30:04 | 000,000,078 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2010/11/22 14:08:16 | 000,000,110 | -H-- | M] () - E:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{79508d84-1757-11df-ab73-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{79508d84-1757-11df-ab73-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun\ShelExec.exe index.html
O33 - MountPoints2\{aa1f35bc-30c4-11e1-b712-002564b7421a}\Shell - "" = AutoRun
O33 - MountPoints2\{aa1f35bc-30c4-11e1-b712-002564b7421a}\Shell\AutoRun\command - "" = E:\windows\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A10B02 PID_0083
O33 - MountPoints2\{aa1f35c8-30c4-11e1-b712-002564b7421a}\Shell - "" = AutoRun
O33 - MountPoints2\{aa1f35c8-30c4-11e1-b712-002564b7421a}\Shell\AutoRun\command - "" = E:\windows\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A10B02 PID_0083
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
========== Files/Folders - Created Within 30 Days ========== [2013/09/03 15:23:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/03 13:09:27 | 000,000,000 | ---D | C] -- C:\Users\Mary's\Desktop\AdwCleaner
[2013/09/03 09:19:06 | 000,000,000 | ---D | C] -- C:\Users\Mary's\Temp2
[2013/08/29 15:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SERVPRO Office Automation Software
[2013/08/29 15:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sagekey Software
[2013/08/29 15:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\ManagER
[2013/08/19 15:43:57 | 000,000,000 | ---D | C] -- C:\Users\Mary's\AppData\Local\NPE
[2013/08/16 14:50:36 | 000,000,000 | ---D | C] -- C:\Users\Mary's\AppData\Local\Intel
[2012/09/06 14:15:16 | 000,693,648 | ---- | C] (MindSpark) -- C:\Program Files\12Uninstall My Scrap Nook.dll
========== Files - Modified Within 30 Days ========== [2013/09/04 08:58:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/04 08:55:20 | 000,000,000 | ---- | M] () -- C:\Users\Mary's\AppData\Local\WavXMapDrive.bat
[2013/09/04 08:55:16 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/04 08:55:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/04 08:54:57 | 1582,022,656 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/04 08:54:28 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/04 08:54:27 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/04 08:30:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/03 14:19:58 | 000,000,476 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2013/08/29 15:41:40 | 000,001,096 | ---- | M] () -- C:\Users\Mary's\Desktop\Servpro stuff.zip
[2013/08/29 15:35:06 | 000,002,038 | ---- | M] () -- C:\Users\Mary's\Desktop\Servpro stuff.lnk
[2013/08/29 13:30:52 | 000,002,227 | ---- | M] () -- C:\Users\Mary's\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/08/20 12:30:09 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/08/20 12:30:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/08/14 12:06:27 | 000,631,208 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/08/14 12:06:27 | 000,109,326 | ---- | M] () -- C:\Windows\System32\perfc009.dat
========== Files Created - No Company Name ========== [2013/08/29 15:41:40 | 000,001,096 | ---- | C] () -- C:\Users\Mary's\Desktop\Servpro stuff.zip
[2013/07/30 15:50:02 | 000,316,553 | ---- | C] () -- C:\Users\Mary's\AppData\Local\9f2c10a0-f56c-464d-b90f-23109eb5be53
[2013/07/23 14:55:30 | 000,000,248 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2013/07/23 14:55:30 | 000,000,064 | ---- | C] () -- C:\Windows\brpcfx.ini
[2013/07/23 14:54:17 | 000,002,944 | ---- | C] () -- C:\Windows\BRPARAM.INI
[2013/07/23 14:50:18 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2013/07/23 14:50:05 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2013/02/14 11:25:24 | 000,046,386 | ---- | C] () -- C:\Users\Mary's\AppData\Local\wethsqud
[2013/01/31 06:25:27 | 000,046,386 | ---- | C] () -- C:\Users\Mary's\AppData\Local\wctfsnkc
[2013/01/24 15:28:17 | 000,046,117 | ---- | C] () -- C:\Users\Mary's\AppData\Local\gexrfbnk
[2013/01/24 15:18:56 | 000,000,000 | ---- | C] () -- C:\Users\Mary's\AppData\Roaming\SharedSettings.ccs
[2012/09/06 14:15:16 | 000,174,016 | ---- | C] () -- C:\Program Files\12res.dll
[2012/05/07 10:33:25 | 000,000,476 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012/05/07 10:33:25 | 000,000,034 | ---- | C] () -- C:\Windows\System32\bd9440cn.dat
[2012/05/07 10:33:25 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012/05/07 10:33:15 | 000,000,000 | ---- | C] () -- C:\Program Files\error.dat
[2012/05/07 10:33:15 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2012/05/07 10:33:05 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2012/05/07 10:33:04 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2012/05/07 10:33:02 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BAOCH06A.DAT
[2012/03/01 12:36:19 | 000,072,080 | ---- | C] () -- C:\Users\Mary's\g2mdlhlpx.exe
[2011/10/10 12:40:01 | 000,000,000 | ---- | C] () -- C:\Users\Mary's\AppData\Roaming\bibstats
[2010/05/07 09:22:02 | 000,000,369 | ---- | C] () -- C:\Users\Mary's\Servpro of Grays Harbor & Pacific Counties 9762.QBW.ND
[2010/05/07 09:22:00 | 000,196,608 | R--- | C] () -- C:\Users\Mary's\Servpro of Grays Harbor & Pacific Counties 9762.QBW.TLG
[2010/05/07 09:21:38 | 000,000,465 | ---- | C] () -- C:\Users\Mary's\Servpro of Grays Harbor & Pacific Counties 9762.ND
[2010/05/07 09:21:37 | 009,977,856 | R--- | C] () -- C:\Users\Mary's\Servpro of Grays Harbor & Pacific Counties 9762.QBW
[2010/02/19 17:16:53 | 000,000,000 | ---- | C] () -- C:\Users\Mary's\AppData\Local\WavXMapDrive.bat
========== ZeroAccess Check ========== [2009/07/13 21:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 01:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
TL Extras logfile created on: 9/4/2013 8:57:52 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Servpro\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.96 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 55.04% Memory free
3.93 Gb Paging File | 2.89 Gb Available in Paging File | 73.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 134.32 Gb Total Space | 89.43 Gb Free Space | 66.58% Space Free | Partition Type: NTFS
Drive D: | 271.22 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 7.45 Gb Total Space | 6.98 Gb Free Space | 93.63% Space Free | Partition Type: FAT32
Computer Name: MARYS-PC | User Name: Mary's | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- "%1" %*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15EC42CE-134B-41DA-81A5-DC85621F7E86}" = rport=445 | protocol=6 | dir=out | app=system |
"{1613C833-22CE-481F-9548-51390489BD9B}" = rport=139 | protocol=6 | dir=out | app=system |
"{1D0630CE-7955-40FF-9A47-10E711F7FE19}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{337C9F0D-35F3-401A-9A08-2E0EDEF81D94}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{35129F09-B6E3-439B-9594-0E5F498F19CB}" = lport=5910 | protocol=6 | dir=in | name=vnc5910 |
"{3911BAAD-9985-4818-B903-4292632E84CF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5100346B-35EE-49EC-BAFC-C74D1F9CF2E5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6569FA33-D05F-4479-BCE6-09C2D7CDAF35}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7AA3566B-EC5E-44BD-A9D8-9A1F05677AA3}" = lport=139 | protocol=6 | dir=in | app=system |
"{7DEBE913-0665-4F0B-9B3F-EBEF304566C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{824AA1A9-4A67-4ECF-BB72-83FF720B1E9B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{827666FD-A829-4EEA-957A-F54AA2ABE761}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{83F971A8-7ABE-460A-850C-282C9C6FB567}" = lport=138 | protocol=17 | dir=in | app=system |
"{8918CEC8-856E-4550-AA96-605F027E88D3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8D2935B6-5AB0-40F0-8C27-83369FDEEB5C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8EF92507-5613-493F-9E6D-43BDDCBC757B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{97775D74-A4ED-4C72-8B0B-9F597DAAAEA7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{A5196BA1-44C2-42D0-BE2B-CC917EA1A140}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AEA2E75E-FC66-4584-926C-5DD36564250F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{B1E7885E-596A-4EE8-BB09-AB87CB6E4D3A}" = rport=138 | protocol=17 | dir=out | app=system |
"{B41819B7-1440-49A2-85DE-F72A98D2A9BC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B421199C-3154-430C-BA98-EEDE58D74D24}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B863157B-0615-40D6-A549-CF79B203FADC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC2024D0-766A-409C-AE6F-A056A26A537F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BE9501BE-0019-4507-8FB7-5D0291138A19}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C1A27972-921C-4950-80C3-5C2A5015A520}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CFC25A8C-85D9-4DC2-8416-001B457B962B}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{D1563B1F-9F52-48B7-84F8-230868AC10C6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D5F6AC01-B2B3-4567-AFC1-7D6641303EFB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D6717AFC-2418-4D2A-9CFB-A8097E65A435}" = lport=445 | protocol=6 | dir=in | app=system |
"{D9B20961-71F2-464A-9DE6-C69C5FAC299B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E2991B3B-3339-49BA-9C57-7ADC2A64F9FC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E64548BF-3210-4498-BC68-173B6ACDC1B8}" = rport=137 | protocol=17 | dir=out | app=system |
"{E9F3D5BF-8626-4FEA-A8B9-5A971F7DDF5E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FFA2E449-FB8D-4EF2-9229-E40AC3774950}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FFD280D6-195A-42C2-B193-CCB1F8B8B50A}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0391F635-1635-436F-87BD-3CAA96DEBE7D}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl11b\faxrx.exe |
"{0D6783F9-8073-4EFF-9706-B27E4C950262}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0EEBDE26-6DA3-474C-A700-6E944A4FB04E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{39A85FEB-981E-48D6-8B8B-6D8A842BC59E}" = protocol=1 | dir=in |
[email protected],-28543 |
"{46171C88-108B-48EF-8964-EB0148771546}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{594FFBD7-AF04-405F-8BFE-18A33E3CA8CD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F6E4C7D-5EFD-43B1-BE35-9E013275E5C4}" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{5FDA00CF-8E2B-48A0-A29A-FFA114831B85}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{64DEB59A-CF80-4D23-8903-680FA32045E1}" = protocol=58 | dir=in |
[email protected],-28545 |
"{65A5B15C-1241-4A8A-9786-5DCEDA4C90E0}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{66AC3B5F-98AC-4D29-B99E-9B4D63F6014E}" = protocol=6 | dir=out | app=system |
"{698A8FC6-C080-41D1-9CCE-6B38530E1BDE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6BAF1D5F-2FC2-4E64-B5C8-5CE889BE5B35}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{8152D204-EE06-42A7-A41E-C0647CDD7109}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8632E4A8-212F-40D8-9FA2-187B3343C8F1}" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"{8E00E0CC-6F1A-4929-A4C9-438798F8D4D4}" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{9BDC7503-353F-42B1-8C2D-33FC0177A64E}" = protocol=17 | dir=in | app=c:\users\mary's\appdata\local\crossloop\tvnserver.exe |
"{A240961B-544D-4D42-A0EE-8B4FACB3EFC0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9732FBD-7F75-4E29-A760-10BE07D2F05E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ACF1FB7E-71DE-4C07-B6D1-B03943BAF610}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B63C955D-0DE3-4F79-94F2-EA4C3C3099AD}" = protocol=58 | dir=out |
[email protected],-28546 |
"{B8F4F8D2-668E-4780-8704-AFE0D604CF27}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BF158D2A-A833-4402-9DB2-DADBF1764A9D}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl11b\faxrx.exe |
"{C6AB5167-A0D8-449D-B469-A936B2F0517E}" = protocol=17 | dir=in | app=c:\users\mary's\appdata\local\crossloop\vncviewer.exe |
"{C9CE0070-A2C1-4439-BA8E-5B60E4A98500}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{CFB5F9BD-D1E8-48C9-9F5E-B0FE2115C478}" = protocol=1 | dir=out |
[email protected],-28544 |
"{D0F0DD30-FA8E-4847-8854-21F9A95B0B66}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D79295C4-9E2F-4C5E-9CAD-E5CFEB043745}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D9F2B28D-C385-4788-906D-7A635521F610}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DDFAADA6-29EE-49A0-93AA-954528C881C1}" = protocol=6 | dir=in | app=c:\users\mary's\appdata\local\crossloop\tvnserver.exe |
"{EE0A4DDC-D1DC-4595-A1BD-EB4A1AF82895}" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"{F2A2E955-546A-4B59-A2E7-A60532121965}" = protocol=6 | dir=in | app=c:\users\mary's\appdata\local\crossloop\vncviewer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE 10.3
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{11DB380B-48CF-46EA-8B03-51874E2733C9}" = Dell Control Point
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 26
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2E98C5B7-D64C-4D7E-BFC3-A7D078569F28}" = Broadcom NetXtreme-I Netlink Driver and Management Installer
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{3237887D-8AC4-4C27-BDF4-57D7CB0351D6}" = SO32MMWrapper
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5A847475-157F-45AD-9919-CD40D344B8B1}" = QBFC3.0
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
"{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}" = PaperPort Image Printer
"{71084075-ABA7-48BC-9733-F56A9ABD184D}" = DCP32MMWrapper
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{74EA06CC-9EFD-410D-88B4-CB5ABD2BE785}" = GoToMyPC
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{79B520D5-CE72-4661-A054-804BC3412516}" = Wave Infrastructure Installer
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{830F55B6-4398-4B72-A0D8-66397B902C0E}" = Brother MFL-Pro Suite MFC-J5910DW
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DD67529-BA26-4D12-97A8-3853D0C4B67D}" = Dell Backup and Recovery Manager
"{8FC5E2A8-F0EA-48D1-BB21-67E89CB778E1}" = Brother MFC-9440CN
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901C0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Access 2002 Runtime
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0137-0409-0000-0000000FF1CE}" = Microsoft Works 6-9 Converter
"{9A2F0810-3622-4E86-9072-973FBE1679C5}" = QuickBooks Pro 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9ED7D6FD-1B8C-4D89-B970-CC119C05AE3A}" = Mastering Accounting Basics for QuickBooks 2010
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.4
"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack
"{BC52E419-B185-488F-9973-049A88E5DCBE}" = Gemalto
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3FA63E2-AFD3-41FD-B48F-1D942CC71943}" = UPEK TouchChip Fingerprint Reader
"{D0EA1D95-53E2-4094-B347-3EDC8AFC52C2}" = Mastering QuickBooks 2010 for Construction DVD
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader
"{EA85A846-62C3-499C-9E6E-FF738D7F40F6}" = SERVPRO Office Automation Software
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE 10.3
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"B55781558C6FAB4237DDEE317F2409086B83E855" = Windows Driver Package - Citrix Systems monblanking Citrix Driver (06/26/2012 6.3.0.48)
"Business-in-a-Box" = Business-in-a-Box
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"CrossLoop_is1" = CrossLoop 2.81
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"Mastering Accounting Basics for QuickBooks 2010" = Mastering Accounting Basics for QuickBooks 2010
"Mastering QuickBooks 2010 for Construction DVD" = Mastering QuickBooks 2010 for Construction DVD
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"N360" = Norton 360
"RealPlayer 16.0" = RealPlayer
"SelectRebatesUninstall" = ShopAtHome.com Toolbar
"SiS163u" = 802.11 USB Wireless LAN Adapter
"STANDARDR" = Microsoft Office Standard 2007
"TVWiz" = Intel® TV Wizard
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 4.8.0.723
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 11/18/2012 3:45:37 PM | Computer Name = Marys-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 11/18/2012 3:45:37 PM | Computer Name = Marys-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 11/18/2012 3:45:37 PM | Computer Name = Marys-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 11/18/2012 3:45:37 PM | Computer Name = Marys-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 11/18/2012 3:51:07 PM | Computer Name = Marys-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2009": An attempt
to LogOff without a logo
Error - 11/23/2012 7:28:15 PM | Computer Name = Marys-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 11/23/2012 7:28:15 PM | Computer Name = Marys-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 11/23/2012 7:28:15 PM | Computer Name = Marys-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 11/23/2012 7:28:15 PM | Computer Name = Marys-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
Hand
Error - 11/23/2012 7:28:51 PM | Computer Name = Marys-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2009": An attempt
to LogOff without a logo
[ Media Center Events ]
Error - 4/22/2010 2:12:31 PM | Computer Name = Marys-PC | Source = MCUpdate | ID = 0
Description = 11:12:30 AM - Failed to retrieve Broadband-2.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 4/22/2010 3:13:40 PM | Computer Name = Marys-PC | Source = MCUpdate | ID = 0
Description = 12:13:38 PM - Failed to retrieve Broadband-2.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 4/22/2010 4:14:00 PM | Computer Name = Marys-PC | Source = MCUpdate | ID = 0
Description = 1:13:58 PM - Failed to retrieve Broadband-2.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 4/22/2010 5:17:20 PM | Computer Name = Marys-PC | Source = MCUpdate | ID = 0
Description = 2:17:18 PM - Failed to retrieve Broadband-2.enc (Error: HTTP status
404: The requested URL does not exist on the server. )
Error - 1/11/2011 2:28:27 AM | Computer Name = Marys-PC | Source = MCUpdate | ID = 0
Description = 10:28:24 PM - Failed to retrieve SportsSchedule (Error: The remote
name could not be resolved: 'data.tvdownload.microsoft.com')
Error - 2/15/2011 12:15:29 PM | Computer Name = Marys-PC | Source = MCUpdate | ID = 0
Description = 8:15:25 AM - Failed to retrieve SportsSchedule (Error: The operation
has timed out)
Error - 3/29/2011 2:07:38 AM | Computer Name = Marys-PC | Source = MCUpdate | ID = 0
Description = 11:07:33 PM - Error connecting to the internet. 11:07:33 PM - Unable
to contact server..
Error - 3/29/2011 3:07:55 AM | Computer Name = Marys-PC | Source = MCUpdate | ID = 0
Description = 12:07:54 AM - Error connecting to the internet. 12:07:54 AM - Unable
to contact server..
Error - 3/29/2011 4:08:27 AM | Computer Name = Marys-PC | Source = MCUpdate | ID = 0
Description = 1:08:22 AM - Error connecting to the internet. 1:08:22 AM - Unable
to contact server..
Error - 3/29/2011 5:08:44 AM | Computer Name = Marys-PC | Source = MCUpdate | ID = 0
Description = 2:08:43 AM - Error connecting to the internet. 2:08:43 AM - Unable
to contact server..
[ OSession Events ]
Error - 7/1/2013 11:54:53 AM | Computer Name = Marys-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 516
seconds with 420 seconds of active time. This session ended with a crash.
Error - 7/3/2013 11:48:39 AM | Computer Name = Marys-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 115
seconds with 60 seconds of active time. This session ended with a crash.
Error - 7/17/2013 5:29:46 PM | Computer Name = Marys-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1274
seconds with 1140 seconds of active time. This session ended with a crash.
Error - 7/19/2013 11:09:22 AM | Computer Name = Marys-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 480
seconds with 180 seconds of active time. This session ended with a crash.
Error - 7/23/2013 7:02:07 PM | Computer Name = Marys-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 142
seconds with 120 seconds of active time. This session ended with a crash.
Error - 7/30/2013 6:10:33 PM | Computer Name = Marys-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2298
seconds with 660 seconds of active time. This session ended with a crash.
Error - 7/31/2013 1:59:36 PM | Computer Name = Marys-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 199
seconds with 180 seconds of active time. This session ended with a crash.
Error - 8/15/2013 11:17:51 AM | Computer Name = Marys-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 118
seconds with 60 seconds of active time. This session ended with a crash.
Error - 9/3/2013 11:17:39 AM | Computer Name = Marys-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 91
seconds with 60 seconds of active time. This session ended with a crash.
Error - 9/3/2013 11:21:44 AM | Computer Name = Marys-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 237
seconds with 120 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 9/4/2013 11:48:31 AM | Computer Name = Marys-PC | Source = DCOM | ID = 10005
Description =
Error - 9/4/2013 11:48:32 AM | Computer Name = Marys-PC | Source = DCOM | ID = 10005
Description =
Error - 9/4/2013 11:50:08 AM | Computer Name = Marys-PC | Source = Service Control Manager | ID = 7001
Description = The PnP-X IP Bus Enumerator service depends on the Function Discovery
Provider Host service which failed to start because of the following error: %%1068
Error - 9/4/2013 11:50:20 AM | Computer Name = Marys-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 9/4/2013 11:50:20 AM | Computer Name = Marys-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 9/4/2013 11:50:20 AM | Computer Name = Marys-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 9/4/2013 11:51:33 AM | Computer Name = Marys-PC | Source = Service Control Manager | ID = 7001
Description = The NTRU TSS v1.2.1.29 TCS service depends on the TPM Base Services
service which failed to start because of the following error: %%0
Error - 9/4/2013 11:52:37 AM | Computer Name = Marys-PC | Source = DCOM | ID = 10016
Description =
Error - 9/4/2013 11:55:08 AM | Computer Name = Marys-PC | Source = Service Control Manager | ID = 7001
Description = The NTRU TSS v1.2.1.29 TCS service depends on the TPM Base Services
service which failed to start because of the following error: %%0
Error - 9/4/2013 11:56:12 AM | Computer Name = Marys-PC | Source = DCOM | ID = 10016
Description =
< End of report >