Hi pgmigg,
I have done a complete Re-install for my computer and ran a fresh OTL scan. Would i be right in thinking my logs still show signs of the infection?
Thanks,
Wayne.
OTL logfile created on: 10/13/2012 11:02:43 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\wre\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.86 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 44.67% Memory free
7.73 Gb Paging File | 5.78 Gb Available in Paging File | 74.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 421.60 Gb Free Space | 93.48% Space Free | Partition Type: NTFS
Computer Name: WRE-PC | User Name: wre | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/10/13 11:01:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\wre\Desktop\OTL.exe
PRC - [2012/10/10 14:22:32 | 003,116,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012/10/02 03:32:58 | 000,193,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/02 03:32:04 | 005,783,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012/05/04 15:43:20 | 001,561,768 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/09/06 18:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 16:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/09/03 08:28:54 | 000,518,640 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010/07/01 21:10:26 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/07/01 21:10:22 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/12/29 21:19:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/06/24 23:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
========== Modules (No Company Name) ========== MOD - [2012/10/12 21:10:44 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\b1a619266964bede98b18ef83eb1c559\System.Core.ni.dll
MOD - [2010/12/23 16:18:56 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\598a9987f519acb9efe5372a2c556af6\PresentationFramework.Aero.ni.dll
MOD - [2010/12/23 16:18:48 | 014,318,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\eb5ff7b60b69cc300751f46c6af316ad\PresentationFramework.ni.dll
MOD - [2010/12/23 16:18:26 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a937151be4e65fd89c55b4c603f7d902\PresentationCore.ni.dll
MOD - [2010/12/23 16:18:15 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d80659eacd9554d9606881b0d35835cf\WindowsBase.ni.dll
MOD - [2010/12/23 16:17:55 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f92c882fd4e7005c005e208daa04c28d\System.Windows.Forms.ni.dll
MOD - [2010/12/23 16:14:18 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\fdeec42fa02f3d789c42be2e33b130eb\System.Drawing.ni.dll
MOD - [2010/12/23 16:14:04 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3060dfcdecbeb8ee65077fb29b217c3d\System.Xml.ni.dll
MOD - [2010/12/23 16:13:59 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4be2653d1c9804d2ff6e6b66d22764e1\System.Configuration.ni.dll
MOD - [2010/12/23 16:13:55 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\500ddd904b1099f95552a81b54223b7f\System.ni.dll
MOD - [2010/12/23 16:13:47 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f58ab951b57c8526430486dcf7ee38fd\mscorlib.ni.dll
MOD - [2010/09/03 08:28:54 | 000,518,640 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010/08/30 10:34:12 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
========== Services (SafeList) ========== SRV:
64bit: - [2010/09/23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:
64bit: - [2010/03/05 17:26:38 | 001,425,168 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:
64bit: - [2010/03/05 17:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:
64bit: - [2010/03/05 17:06:22 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:
64bit: - [2010/01/23 03:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\WINDOWS\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2009/12/29 21:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:
64bit: - [2009/11/18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:
64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2012/10/02 03:32:58 | 000,193,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/10/02 03:32:04 | 005,783,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2011/08/18 16:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/12/23 16:39:43 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/09/04 08:15:22 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/09/04 08:14:26 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/08/26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/07/01 21:10:26 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/07/01 21:10:22 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/06 01:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2012/10/05 03:26:22 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:
64bit: - [2012/10/02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:
64bit: - [2012/09/21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:
64bit: - [2012/09/21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:
64bit: - [2012/09/21 03:45:50 | 000,061,792 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:
64bit: - [2012/09/14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:
64bit: - [2012/09/13 03:11:18 | 000,151,904 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:
64bit: - [2010/12/23 17:58:45 | 000,107,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2010/12/23 17:58:45 | 000,027,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2010/07/31 13:36:38 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:
64bit: - [2010/05/07 20:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:
64bit: - [2010/05/07 11:44:32 | 000,321,584 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2010/04/08 21:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:
64bit: - [2010/03/31 04:58:06 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:
64bit: - [2010/03/31 04:58:06 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:
64bit: - [2010/03/31 04:58:06 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:
64bit: - [2010/03/31 04:58:06 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:
64bit: - [2010/03/31 04:58:06 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:
64bit: - [2010/03/19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2010/03/18 07:21:58 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:
64bit: - [2010/03/04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2010/01/23 03:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:
64bit: - [2010/01/23 02:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2009/12/22 18:18:50 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:
64bit: - [2009/09/17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:
64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/15 20:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:
64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2006/11/01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {F29800FF-99A2-4B70-847E-083AAE212520}
IE:
64bit: - HKLM\..\SearchScopes\{F29800FF-99A2-4B70-847E-083AAE212520}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {49B7F2CE-FDF9-41CA-9C51-A4D3F7E44427}
IE - HKLM\..\SearchScopes\{49B7F2CE-FDF9-41CA-9C51-A4D3F7E44427}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.uk.msn.com/USCON/2IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.uk.msn.com/USCON/2IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\..\SearchScopes,DefaultScope = {49B7F2CE-FDF9-41CA-9C51-A4D3F7E44427}
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\..\SearchScopes\{E32B0D45-253A-4A95-A838-0366D6035A23}: "URL" =
http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=U3&apn_dtid=OSJ000YYGB&apn_uid=A13E5575-3F6B-4A34-9878-B081740F64F9&apn_sauid=05E4688B-3D31-4DC9-8205-65BB61142126
IE - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ========== CHR - homepage:
http://search.conduit.com/?ctid=CT27866 ... hSource=48CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage:
http://search.conduit.com/?ctid=CT27866 ... hSource=48CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U35 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Stark Tower Defense = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajloilcfnkkocanaalpkhegnnolidlkk\13.4772.3002_0\
CHR - Extension: Angry Birds = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Space Pirates Tower Defence = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnbijdfangicicfejdcfkgjmohndpmlm\1_0\
CHR - Extension: Christmas Mahjong = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmebaamjdfjkhaaifophgklodieiflm\1.0.0.1_0\
CHR - Extension: Halloween Mahjong = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ielpieklegnicibpoklcphmbonpbdknd\1.0.0.1_0\
CHR - Extension: Google Play = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0\
CHR - Extension: Warzone Tower Defense Exhended HD = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfdiebhgbafnfafnnbmdlkmphajbjmpe\2_0\
CHR - Extension: Mini Tower Defense HD = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfoflbgackckppbgjdppcgnfaldppeao\1.0_0\
CHR - Extension: Plants vs Zombies = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjojhkpjopafcfkkgnlfkandjklignon\1.2_0\
CHR - Extension: Plants vs Zombies = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjojhkpjopafcfkkgnlfkandjklignon\1.2_0\.bak
CHR - Extension: Angry Birds = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nllkkflncainlmehooebdaodggehpknh\1.0_0\
CHR - Extension: Kingdoms at War = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\olafoaghbgljknfhglfcaejleecjbchd\0.9_0\
CHR - Extension: Canyon Defense = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkegneoaojpndcfnnglnjcnflcmaegh\1.1_0\
CHR - Extension: Gmail = C:\Users\wre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1198342920-2546925730-1615197809-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:
64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:
64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\wre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:
64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:
64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:
64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:
64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:
64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16:
64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADFB36DF-143C-4071-BE54-F19A29810210}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE7C89D3-FEE3-4D65-9CB4-BF6DA0479869}: DhcpNameServer = 18.0.0.1 18.0.0.3
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2012/10/13 11:01:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\wre\Desktop\OTL.exe
[2012/10/13 09:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/10/13 09:26:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/10/13 09:26:48 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\Google
[2012/10/13 09:23:53 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\Apps
[2012/10/13 09:23:52 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\Deployment
[2012/10/13 09:18:43 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\AVG2013
[2012/10/13 09:17:09 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\TuneUp Software
[2012/10/13 09:17:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/10/13 09:16:51 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/10/13 09:16:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012/10/13 09:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/10/13 09:01:30 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\PCDr
[2012/10/13 09:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2012/10/13 08:55:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/10/13 08:55:40 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\MFAData
[2012/10/13 08:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/10/13 08:55:40 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\Avg2013
[2012/10/13 08:53:25 | 000,000,000 | ---D | C] -- C:\Firefox
[2012/10/13 08:53:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012/10/13 08:44:31 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\Macromedia
[2012/10/13 08:44:27 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\Adobe
[2012/10/13 08:41:45 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\Mozilla
[2012/10/13 08:39:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/10/13 08:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012/10/13 08:37:33 | 000,477,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012/10/13 08:37:32 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/10/13 08:37:32 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/10/13 08:37:32 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/10/13 08:37:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/10/13 08:17:39 | 000,000,000 | ---D | C] -- C:\Users\wre\My Backup Files
[2012/10/13 04:03:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/10/13 02:47:44 | 000,000,000 | ---D | C] -- C:\Windows\SMINST
[2012/10/12 21:17:36 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\Dell
[2012/10/12 21:17:26 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\Stardock_Corporation
[2012/10/12 21:17:21 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\Broadcom
[2012/10/12 21:17:21 | 000,000,000 | ---D | C] -- C:\Users\wre\Documents\Bluetooth Exchange Folder
[2012/10/12 21:17:20 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\Intel
[2012/10/12 21:17:18 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\Roxio
[2012/10/12 21:17:18 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\ATI
[2012/10/12 21:17:18 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\ATI
[2012/10/12 21:17:02 | 000,000,000 | R--D | C] -- C:\Users\wre\Searches
[2012/10/12 21:17:02 | 000,000,000 | R--D | C] -- C:\Users\wre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/10/12 21:17:02 | 000,000,000 | -H-D | C] -- C:\Users\wre\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/10/12 21:16:54 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\Identities
[2012/10/12 21:16:52 | 000,000,000 | R--D | C] -- C:\Users\wre\Contacts
[2012/10/12 21:16:51 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/10/12 21:16:42 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/10/12 21:16:42 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/10/12 21:14:45 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\VirtualStore
[2012/10/12 21:10:54 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/10/12 21:10:54 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/10/12 21:10:54 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/10/12 21:10:48 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/10/12 21:10:48 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/10/12 21:10:48 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/10/12 21:10:35 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/10/12 21:10:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/10/12 21:04:46 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\Dell Edoc Viewer
[2012/10/12 21:04:35 | 000,000,000 | --SD | C] -- C:\Users\wre\AppData\Roaming\Microsoft
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\Videos
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\Saved Games
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\Pictures
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\Music
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\Links
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\Favorites
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\Downloads
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\Documents
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\Desktop
[2012/10/12 21:04:35 | 000,000,000 | R--D | C] -- C:\Users\wre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\AppData\Local\Temporary Internet Files
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\Templates
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\Start Menu
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\SendTo
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\Recent
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\PrintHood
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\NetHood
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\Documents\My Videos
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\Documents\My Pictures
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\Documents\My Music
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\My Documents
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\Local Settings
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\AppData\Local\History
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\Cookies
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\Application Data
[2012/10/12 21:04:35 | 000,000,000 | -HSD | C] -- C:\Users\wre\AppData\Local\Application Data
[2012/10/12 21:04:35 | 000,000,000 | -H-D | C] -- C:\Users\wre\AppData
[2012/10/12 21:04:35 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\Temp
[2012/10/12 21:04:35 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\SoftThinks
[2012/10/12 21:04:35 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Local\Microsoft
[2012/10/12 21:04:35 | 000,000,000 | ---D | C] -- C:\Users\wre\AppData\Roaming\Media Center Programs
[2012/10/05 03:26:22 | 000,111,456 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2012/10/02 03:30:38 | 000,185,696 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2012/09/21 03:46:04 | 000,200,032 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2012/09/21 03:46:00 | 000,225,120 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2012/09/21 03:45:50 | 000,061,792 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2012/09/14 03:05:18 | 000,040,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
========== Files - Modified Within 30 Days ========== [2012/10/13 11:01:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\wre\Desktop\OTL.exe
[2012/10/13 10:47:02 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/13 10:47:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/13 09:27:16 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/13 09:27:16 | 000,619,642 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/13 09:27:16 | 000,107,792 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/13 09:27:16 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/13 09:27:16 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/13 09:19:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/13 09:19:39 | 3111,534,592 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/13 09:02:54 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/10/13 08:37:24 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012/10/13 08:37:24 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/10/13 08:37:24 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/10/13 08:37:24 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/10/13 08:37:24 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/10/13 08:29:06 | 000,001,443 | ---- | M] () -- C:\Users\wre\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/10/13 08:22:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/10/13 04:57:38 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/10/13 04:57:38 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/10/12 21:19:28 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/10/12 21:19:23 | 000,319,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/10/12 21:17:27 | 000,001,984 | ---- | M] () -- C:\Users\wre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2012/10/05 03:26:22 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2012/10/02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2012/09/21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2012/09/21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2012/09/21 03:45:50 | 000,061,792 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2012/09/14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
========== Files Created - No Company Name ========== [2012/10/13 09:26:55 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/13 09:26:54 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/13 08:29:06 | 000,001,443 | ---- | C] () -- C:\Users\wre\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/10/13 08:22:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/10/13 04:03:06 | 3111,534,592 | -HS- | C] () -- C:\hiberfil.sys
[2012/10/12 21:17:27 | 000,001,984 | ---- | C] () -- C:\Users\wre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2012/10/12 21:17:07 | 000,001,415 | ---- | C] () -- C:\Users\wre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/10/12 21:17:03 | 000,001,449 | ---- | C] () -- C:\Users\wre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/10/12 21:16:22 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/10/12 21:16:22 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/10/12 21:04:35 | 000,000,290 | ---- | C] () -- C:\Users\wre\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/10/12 21:04:35 | 000,000,272 | ---- | C] () -- C:\Users\wre\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/12/23 18:06:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/12/23 17:46:10 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/23 16:28:19 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
========== ZeroAccess Check ========== [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2010/12/23 17:58:48 | 014,162,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/12/23 17:58:48 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ========== [2012/10/13 09:18:43 | 000,000,000 | ---D | M] -- C:\Users\wre\AppData\Roaming\AVG2013
[2012/10/13 09:01:30 | 000,000,000 | ---D | M] -- C:\Users\wre\AppData\Roaming\PCDr
[2012/10/13 09:17:09 | 000,000,000 | ---D | M] -- C:\Users\wre\AppData\Roaming\TuneUp Software
========== Purity Check ========== < End of report >
OTL Extras logfile created on: 10/13/2012 11:02:43 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\wre\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.86 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 44.67% Memory free
7.73 Gb Paging File | 5.78 Gb Available in Paging File | 74.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.01 Gb Total Space | 421.60 Gb Free Space | 93.48% Space Free | Partition Type: NTFS
Computer Name: WRE-PC | User Name: wre | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1198342920-2546925730-1615197809-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{18277C95-ADFA-4739-8511-626FD211302F}" = lport=139 | protocol=6 | dir=in | app=system |
"{1F8327C7-A3C7-463C-85F2-31B55685E3FD}" = lport=137 | protocol=17 | dir=in | app=system |
"{351E01AC-73FB-4F72-BCB5-4C2B9E538491}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{38C0BB01-A155-43A2-816E-97BF61174D34}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3CF61CF4-FA2D-4EE7-A6FE-D5326D32ED22}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3D41B0AE-FD7B-44F9-8C76-71938B8D9ED3}" = lport=138 | protocol=17 | dir=in | app=system |
"{41C83425-C3E4-4CAB-9DB2-07EA57B57711}" = lport=445 | protocol=6 | dir=in | app=system |
"{4994D7BD-87E3-4B70-B0D5-21C1502E18CC}" = rport=445 | protocol=6 | dir=out | app=system |
"{4D93289B-0EB1-4511-A64B-E56CB2DDD664}" = lport=10243 | protocol=6 | dir=in | app=system |
"{50E066FA-4A1C-4294-A0B3-77141C789F4D}" = rport=139 | protocol=6 | dir=out | app=system |
"{558DF490-D17A-4671-89E8-E6A5168CB698}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5BBB76BA-8DC6-49AC-9EC7-248C89311A15}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{69BF66F8-430F-495F-B572-67E6334925C3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{728CC898-36CA-4DCE-A29C-A24BDD49B4E8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{72CAA649-0F62-40B4-862D-5AFB697074CF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AE5FE5EE-70F2-4B36-9F75-D0F4A096C8DC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BF974AD4-E19C-48EE-BA85-AEDB9C89FA68}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C04640A1-5708-46ED-A392-B0A7E9F655C9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DE7E4F1B-D390-405E-B2F1-7DE08103C084}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF59252D-D250-4F1F-B955-57E5C6F7BC04}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E50915DD-487B-49C7-9FD3-7B70F2A09046}" = rport=137 | protocol=17 | dir=out | app=system |
"{EAE7DC6A-83BC-44C5-98CD-16B686723912}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F067CD01-D35E-4CFB-8B2A-5652ED8A7D4B}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{031A4074-706A-45D5-B379-730CB8FD3226}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{04814503-3073-4E4B-8425-04881C759D40}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{06BAB036-6BD2-41FB-874D-09469C6AA97C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{20024F39-CCE5-4A8F-9DE1-6C56F7F43E44}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2D795BD6-D591-44F7-966B-E36CDCB69323}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{34EF1D0A-82E1-423D-9D6C-3567BA5AD750}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3EC037F5-2A3D-4168-9601-8DA23F33F282}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3EE17287-1C93-4B04-B206-1488342F5168}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{4A736440-2F87-410E-9834-D0098B9314F1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4C91B049-A7F6-4D18-B1C6-4723EF1B5E4D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{50A9A79F-E0C2-4561-A7AC-ECE64EC8D2A9}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{52BBB545-6EFA-4E51-9D78-3E5E32675C75}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{61E265D8-1E98-41C1-A9BB-F865E9A367AA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{636FC8D1-E50D-4EE9-9388-60355ABB4979}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{64655142-2AA1-4208-BCDC-76B6BE5285E4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{74354F6D-7B25-4E0B-B0D8-3BB1CC079106}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{76268BB9-03DC-419C-8C3A-E62C1BEECF30}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{7C47113E-3316-4581-BADC-2AF816EC5F7F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{84708D17-3DB5-4E49-8350-326429C4AF3D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{895A830D-395C-4766-BD9B-242A669FE9E6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{90C10D02-87F0-4C37-9F76-2865C2AB49FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{960407AD-6D25-4DD8-B234-F0A03A22B972}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9E2E2B4E-2058-4491-AF94-3B2DCFA83D4C}" = protocol=6 | dir=out | app=system |
"{A47365E0-BEFC-433D-81FB-6ED752F99A6F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{A611D823-D916-4E0B-B79D-3C9E1F1EF5C9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B3299B98-15D9-4A6F-812B-8E80ECC28204}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{B4328A08-75E1-45BE-863C-A9D6ADE69CD1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B8AA689A-6A25-4159-8465-3408B784DD62}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C221B9F0-2A3D-4358-B088-B01B64A913A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C2732B65-E1BA-4E5D-8B0F-5F6A14906A03}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{CDC937AF-FE69-480C-B7F7-A070D090C721}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{DAA22448-B910-4363-BACB-A0A5BF03A1BB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E52C2C83-72EA-4FC6-931E-B6B6104C70DA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{EC11D28C-03D9-4071-95F3-2B519480D410}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{1A8BA6CE-822D-4888-89E2-ACBF4308F271}" = Intel(R) PROSet/Wireless WiFi Software
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{36C5687D-AA79-4F32-B735-CCEBEC20371A}" = AVG 2013
"{3B6074E5-5823-9363-851C-25F9DDB1E477}" = ccc-utility64
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{92C0E71C-5917-4FF2-9A5E-8BB0E85E0625}" = AVG 2013
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"AVG" = AVG 2013
"Dell Support Center" = Dell Support Center
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1170BEDA-359C-4202-A5BF-CCA919E7B917}" = CCC Help Danish
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19DE6032-D3EE-D664-FA63-452431599161}" = CCC Help Norwegian
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24BBD0E3-4579-9EF5-6081-DE56129D093A}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{39EFAC6A-639E-3CE3-2B62-EF8518AD8326}" = CCC Help Chinese Traditional
"{3ED3BC2E-141A-BFB0-D48C-E8DDA3A461E7}" = ccc-core-static
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{57B21E43-056F-9E58-8774-20E8A89B5347}" = CCC Help English
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65A30A52-B4CA-006E-8750-8366C9693C77}" = CCC Help Russian
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66C5E9B6-2D87-D7E8-9B8F-BFCAD7105AD1}" = Catalyst Control Center Graphics Previews Common
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{6F3AB64A-CC2D-C533-C5CD-30420E2DC578}" = Skins
"{71E015CC-52DA-4536-AF0C-C643BA1E45FB}" = Catalyst Control Center - Branding
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78AE5FAE-C641-311B-9CC8-CEBB87FAF795}" = CCC Help Japanese
"{7BCA9417-A611-CC28-9471-6250EC9666EB}" = Catalyst Control Center Graphics Full Existing
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C28F118-03B5-4756-F83C-C31C851D1FF3}" = CCC Help Chinese Standard
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn
"{95E58BA1-2E10-B49E-283C-3C170C098149}" = CCC Help Dutch
"{9635D462-1B39-E171-BA1C-32A036572251}" = CCC Help Spanish
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A4147C0B-A939-B87E-A6AB-71837A52AFEC}" = Catalyst Control Center Core Implementation
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8ACDFFF-093C-8898-E1B8-9388277CD805}" = CCC Help Portuguese
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.2
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B47669BF-36B7-B33B-69C9-A2E7AAA36017}" = CCC Help German
"{C52D6FF6-308B-2395-72EE-CA72216F8618}" = CCC Help Korean
"{C5422D6A-6CC4-82CA-C28F-249DC0C846B5}" = Catalyst Control Center Graphics Full New
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEC73671-6AFB-CC2B-203B-2A00E8901755}" = Catalyst Control Center Graphics Previews Vista
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7058431-BC8D-71B7-136F-6FFA32C5C7C2}" = CCC Help Swedish
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECBA603F-259F-9C33-85DE-0D7E3FCAB407}" = CCC Help Finnish
"{EE14D3B8-D4A6-EEC6-A37E-FC77CBF6A5FE}" = CCC Help Italian
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26E3E58-D6E5-3C61-7A7C-20D61017C26A}" = CCC Help French
"{FB9F4BEA-283B-18FA-3DA4-B757214528F3}" = Catalyst Control Center Localization All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE6D5F28-4C11-4197-66CA-48AA4AECD833}" = Catalyst Control Center Graphics Light
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1198342920-2546925730-1615197809-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 10/13/2012 4:00:20 AM | Computer Name = wre-PC | Source = PC-Doctor | ID = 1
Description = (5036) Asapi: (09:00:20:0560)(5036) libAsapi.DynamicLoadedPlugin -
Error -- 64 Unable to load library 'S3LogPusher.dll'
Error - 10/13/2012 4:00:20 AM | Computer Name = wre-PC | Source = PC-Doctor | ID = 1
Description = (5036) Asapi: (09:00:20:2590)(5036) Asapi.State - Error -- 123 Plugin
S3LogPusher.dll failed to load.
Error - 10/13/2012 4:01:29 AM | Computer Name = wre-PC | Source = PC-Doctor | ID = 1
Description = (5036) Asapi: (09:01:29:7270)(5036) libMatrix.profiler.ProfilerSnapshots
- Error -- 348 getDirectoryContents(C:\ProgramData\PCDr/hardware) failed
Error - 10/13/2012 4:01:29 AM | Computer Name = wre-PC | Source = PC-Doctor | ID = 1
Description = (5036) Asapi: (09:01:29:7350)(5036) libMatrix.profiler.ProfilerSnapshots
- Error -- 439 getDirectoryContents(C:\ProgramData\PCDr/hardware) failed
Error - 10/13/2012 4:01:29 AM | Computer Name = wre-PC | Source = PC-Doctor | ID = 1
Description = (5036) Asapi: (09:01:29:8270)(5036) libMatrix.profiler.ProfilerSnapshots
- Error -- 348 getDirectoryContents(C:\ProgramData\PCDr/software) failed
Error - 10/13/2012 4:01:29 AM | Computer Name = wre-PC | Source = PC-Doctor | ID = 1
Description = (5036) Asapi: (09:01:29:8280)(5036) libMatrix.profiler.ProfilerSnapshots
- Error -- 439 getDirectoryContents(C:\ProgramData\PCDr/software) failed
Error - 10/13/2012 4:01:29 AM | Computer Name = wre-PC | Source = PC-Doctor | ID = 1
Description = (5036) Asapi: (09:01:29:8540)(5036) libMatrix.profiler.ProfilerSnapshots
- Error -- 348 getDirectoryContents(C:\ProgramData\PCDr/smartdata) failed
Error - 10/13/2012 4:01:29 AM | Computer Name = wre-PC | Source = PC-Doctor | ID = 1
Description = (5036) Asapi: (09:01:29:8540)(5036) libMatrix.profiler.ProfilerSnapshots
- Error -- 439 getDirectoryContents(C:\ProgramData\PCDr/smartdata) failed
Error - 10/13/2012 4:01:29 AM | Computer Name = wre-PC | Source = PC-Doctor | ID = 1
Description = (5036) Asapi: (09:01:29:8570)(5036) libMatrix.profiler.ProfilerSnapshots
- Error -- 348 getDirectoryContents(C:\ProgramData\PCDr/performance) failed
Error - 10/13/2012 4:01:29 AM | Computer Name = wre-PC | Source = PC-Doctor | ID = 1
Description = (5036) Asapi: (09:01:29:8580)(5036) libMatrix.profiler.ProfilerSnapshots
- Error -- 439 getDirectoryContents(C:\ProgramData\PCDr/performance) failed
[ Dell Events ]
Error - 10/13/2012 3:17:35 AM | Computer Name = wre-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
[ System Events ]
Error - 10/12/2012 5:22:19 PM | Computer Name = wre-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 10/13/2012 3:50:34 AM | Computer Name = wre-PC | Source = Service Control Manager | ID = 7034
Description = The SoftThinks Agent Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 10/13/2012 4:18:57 AM | Computer Name = wre-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5
Error - 10/13/2012 4:19:55 AM | Computer Name = wre-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5
Error - 10/13/2012 4:20:02 AM | Computer Name = wre-PC | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5
< End of report >