Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
FBI ransomeware help
Message
<blockquote data-quote="mmaikeru" data-source="post: 124154" data-attributes="member: 8869"><p>OTL Extras logfile created on: 6/7/2013 11:51:59 AM - Run 1</p><p>OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Upstairs computer\Downloads</p><p>Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation</p><p>Internet Explorer (Version = 8.0.6001.18999)</p><p>Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy</p><p> </p><p>3.00 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 66.32% Memory free</p><p>6.20 Gb Paging File | 5.16 Gb Available in Paging File | 83.27% Paging File free</p><p>Paging file location(s): ?:\pagefile.sys [binary data]</p><p> </p><p>%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files</p><p>Drive C: | 136.05 Gb Total Space | 57.35 Gb Free Space | 42.15% Space Free | Partition Type: NTFS</p><p>Drive D: | 583.05 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS</p><p> </p><p>Computer Name: UPSTAIRS | User Name: WALL_E_Machine | Logged in as Administrator.</p><p>Boot Mode: Normal | Scan Mode: Current user</p><p>Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days</p><p> </p><p><span style="color: #E56717">========== Extra Registry (SafeList) ==========</span></p><p> </p><p> </p><p><span style="color: #E56717">========== File Associations ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]</p><p>.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)</p><p>.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)</p><p> </p><p><span style="color: #E56717">========== Shell Spawning ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]</p><p>batfile [open] -- "%1" %*</p><p>cmdfile [open] -- "%1" %*</p><p>comfile [open] -- "%1" %*</p><p>cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)</p><p>exefile [open] -- "%1" %*</p><p>helpfile [open] -- Reg Error: Key error.</p><p>hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)</p><p>inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)</p><p>piffile [open] -- "%1" %*</p><p>regfile [merge] -- Reg Error: Key error.</p><p>scrfile [config] -- "%1"</p><p>scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l</p><p>scrfile [open] -- "%1" /S</p><p>txtfile [edit] -- Reg Error: Key error.</p><p>Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1</p><p>Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)</p><p>Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)</p><p>Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)</p><p>Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)</p><p>Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)</p><p> </p><p><span style="color: #E56717">========== Security Center Settings ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]</p><p>"cval" = 1</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]</p><p>"AntiVirusOverride" = 0</p><p>"AntiSpywareOverride" = 0</p><p>"FirewallOverride" = 0</p><p>"VistaSp1" = Reg Error: Unknown registry data type -- File not found</p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]</p><p> </p><p><span style="color: #E56717">========== Firewall Settings ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]</p><p>"EnableFirewall" = 0</p><p>"DisableNotifications" = 0</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]</p><p>"EnableFirewall" = 0</p><p>"DisableNotifications" = 0</p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]</p><p>"EnableFirewall" = 0</p><p>"DisableNotifications" = 0</p><p> </p><p><span style="color: #E56717">========== Authorized Applications List ==========</span></p><p> </p><p> </p><p><span style="color: #E56717">========== Vista Active Open Ports Exception List ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]</p><p>"{132C0866-EA1B-4C22-B406-F59F9F50F887}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | </p><p>"{3EF15C61-5FDA-4ADB-B075-8CE9C4172E93}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | </p><p>"{448F2443-5419-4C95-8376-9D415350E738}" = lport=138 | protocol=17 | dir=in | app=system | </p><p>"{5CF0E473-20C0-459D-A04B-FB882DA33FDD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | </p><p>"{663D4056-21CF-428A-8482-02AAB9B3E22C}" = lport=137 | protocol=17 | dir=in | app=system | </p><p>"{79FFCC95-75AC-4F4E-A41F-E316732452E3}" = rport=138 | protocol=17 | dir=out | app=system | </p><p>"{87F184C2-3ECB-4DDD-97FD-1BC8A2BB378E}" = lport=445 | protocol=6 | dir=in | app=system | </p><p>"{8AB212A4-919E-48E7-9213-F39FCCC3C703}" = rport=137 | protocol=17 | dir=out | app=system | </p><p>"{95D3B83D-39BC-44C3-9760-C6DF6D012D9C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | </p><p>"{B82B8DEE-B8BB-4779-BD27-B29B3F4F27E6}" = lport=139 | protocol=6 | dir=in | app=system | </p><p>"{D3F4D7E5-88DD-45FF-8417-74E58AF1282C}" = rport=139 | protocol=6 | dir=out | app=system | </p><p>"{DD2F7BA0-94DC-49B6-BFFA-2880990944EF}" = rport=445 | protocol=6 | dir=out | app=system | </p><p>"{EF10F2ED-8101-4456-BDC4-3C13616D915E}" = lport=2869 | protocol=6 | dir=in | app=system | </p><p> </p><p><span style="color: #E56717">========== Vista Active Application Exception List ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]</p><p>"{00D8135C-B6E2-471A-A2A3-30A312F6D43F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | </p><p>"{0119D704-146F-4134-BACA-BEC6D49A6BF9}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | </p><p>"{0BE69BD7-3880-4328-B804-B803651F3BF0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | </p><p>"{1423F8F3-3E55-4251-A966-5A48738FCFD5}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | </p><p>"{1FCC71B3-8206-4D1B-9EDB-35C404E98440}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | </p><p>"{26328B94-F200-45FF-803B-60F027CDE63B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | </p><p>"{2778C178-494C-4FD2-85B8-BF1E87B2A800}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe | </p><p>"{2967839C-C33B-48B9-8EF4-A4EB78BE04FF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | </p><p>"{2BD6E723-E848-4BB2-BEED-268472765DF4}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | </p><p>"{2F6A9D3D-6641-431C-9325-BF1090DA63F9}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | </p><p>"{33416A3B-6A35-4172-B9CC-649B4A0BFCDC}" = dir=in | app=c:\program files\skype\phone\skype.exe | </p><p>"{42D18F2C-36CF-4D3B-BFED-B379714348C0}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of mythology\aomx.exe | </p><p>"{5F874A84-DA44-4669-8D59-C19116F01B18}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | </p><p>"{7522DC56-3BFE-4440-B700-190BB68271E2}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | </p><p>"{82345E63-93E1-4581-894B-985609B40AFF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | </p><p>"{8E8D0710-FB89-45F1-93F6-28C832583EF0}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe | </p><p>"{913BE182-3CCC-4D34-9BCC-795FE29CC14F}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | </p><p>"{9321DC5E-A171-443A-A4FA-56C63D0B3956}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | </p><p>"{A046FF93-C82E-468D-99D9-EB6AAF58A8E6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | </p><p>"{A7AE32E1-295E-4660-891F-6C9900E416D8}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | </p><p>"{C644A2D7-FD83-4651-9F3F-AFAF718FB03B}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | </p><p>"{C97E4A7B-5F63-439B-B186-18AC1F650FD3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | </p><p>"{D074946B-BB42-44C4-9D17-6A82B070C8E5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | </p><p>"{DC6AFFF4-BD80-4B77-88BC-008BC0599B44}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | </p><p>"{E4DD6134-F93C-41AB-A83C-3CE952D85075}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of mythology\aomx.exe | </p><p>"{F1E8285B-E4A1-47DC-BA5D-DD6D2CF23A96}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | </p><p>"TCP Query User{9F17FD20-8B27-4603-AD01-F9DAFFB9B7DA}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd | </p><p>"TCP Query User{FEC3420A-5BDE-40AD-BF2C-D85E8526C16B}C:\windows\lmi65f5.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\windows\lmi65f5.tmp\lmi_rescue.exe | </p><p>"UDP Query User{061A3D26-13C8-453B-8006-648B1B7BE2FB}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd | </p><p>"UDP Query User{86798896-D991-4226-BEF1-72064902B90D}C:\windows\lmi65f5.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\windows\lmi65f5.tmp\lmi_rescue.exe | </p><p> </p><p><span style="color: #E56717">========== HKEY_LOCAL_MACHINE Uninstall List ==========</span></p><p> </p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]</p><p>"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR</p><p>"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser</p><p>"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call</p><p>"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals</p><p>"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour</p><p>"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger</p><p>"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support</p><p>"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs</p><p>"{1EF75089-392B-4771-B791-17316E27EBA6}" = Real War Rogue States</p><p>"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool</p><p>"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls</p><p>"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT</p><p>"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer</p><p>"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 29</p><p>"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5</p><p>"{3408E5D6-4925-4496-AB67-AB8643C3685C}_is1" = Mouse and Keyboard Recorder 3.2.2.8</p><p>"{36C97B5B-5593-45B8-B50E-DAD87036BD9D}" = Microsoft LifeCam</p><p>"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile</p><p>"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go</p><p>"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater</p><p>"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update</p><p>"{505DF7A3-88D5-4DD6-9AD5-C98C2ED0CEC4}" = Windows Live Sign-in Assistant</p><p>"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter</p><p>"{582E9125-32B6-4CBA-AB48-3E33CE3DB389}" = NETGEAR RangeMax(TM) Wireless USB 2.0 Adapter WPN111</p><p>"{5E6ACA2E-60D5-461C-8FD3-04BA9C174B27}_is1" = Mouse Recorder Pro 1.3</p><p>"{5FCA3E78-219B-457B-8316-2C906EA0A91D}" = Recorder</p><p>"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail</p><p>"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works</p><p>"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update</p><p>"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer</p><p>"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable</p><p>"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com</p><p>"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security</p><p>"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III</p><p>"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management</p><p>"{8524BBAC-E3A7-42F5-9B9A-5AE50A10C500}" = Belkin USB Wireless Adaptor</p><p>"{85BF0E64-6ABB-4EA1-A026-A3DEA6554A60}" = Do It Again</p><p>"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard</p><p>"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007</p><p>"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)</p><p>"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007</p><p>"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)</p><p>"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007</p><p>"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007</p><p>"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007</p><p>"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)</p><p>"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007</p><p>"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)</p><p>"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007</p><p>"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)</p><p>"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007</p><p>"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)</p><p>"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system</p><p>"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007</p><p>"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007</p><p>"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)</p><p>"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007</p><p>"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)</p><p>"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007</p><p>"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)</p><p>"{90EC11E4-854E-4C0F-9B4C-76D6C7CF7C68}" = Linksys WUSB600N Dual-Band Wireless-N USB Network Adapter</p><p>"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007</p><p>"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)</p><p>"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007</p><p>"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)</p><p>"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting</p><p>"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars</p><p>"{9BC6AB96-3613-4676-ABE8-4B7F55D7D8E7}" = DriverUpdate</p><p>"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime</p><p>"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe</p><p>"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper</p><p>"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support</p><p>"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9</p><p>"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation</p><p>"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint</p><p>"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1</p><p>"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1</p><p>"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials</p><p>"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer</p><p>"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant</p><p>"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes</p><p>"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]</p><p>"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver</p><p>"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform</p><p>"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery</p><p>"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync</p><p>"Adobe AIR" = Adobe AIR</p><p>"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX</p><p>"Adobe Shockwave Player" = Adobe Shockwave Player 11.5</p><p>"Age of Empires 2.0" = Microsoft Age of Empires II</p><p>"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion</p><p>"Age of Mythology Expansion Pack 1.0" = Age of Mythology Gold</p><p>"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem</p><p>"BFlix" = BFlix</p><p>"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com</p><p>"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner</p><p>"Google Chrome" = Google Chrome</p><p>"Google Desktop" = Google Desktop</p><p>"HOMESTUDENTR" = Microsoft Office Home and Student 2007</p><p>"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals</p><p>"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs</p><p>"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter</p><p>"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III</p><p>"InstallShield_{8524BBAC-E3A7-42F5-9B9A-5AE50A10C500}" = Belkin USB Wireless Adaptor</p><p>"InstallShield_{90EC11E4-854E-4C0F-9B4C-76D6C7CF7C68}" = Linksys Dual-Band Wireless-N USB Network Adapter</p><p>"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300</p><p>"McAfee Security Scan" = McAfee Security Scan</p><p>"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1</p><p>"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile</p><p>"MS Access 97 SP2" = MS Access 97 SP2</p><p>"NIS" = Norton Internet Security</p><p>"Norton Utilities_is1" = Norton Utilities</p><p>"NVIDIA Drivers" = NVIDIA Drivers</p><p>"Risk" = Risk</p><p>"ShadowExplorer_is1" = ShadowExplorer 0.8</p><p>"SimCity 3000 Unlimited" = SimCity 3000 Unlimited</p><p>"SMALLBUSINESSR" = Microsoft Office Small Business 2007</p><p>"WildTangent emachines Master Uninstall" = eMachines Games</p><p>"WinLiveSuite_Wave3" = Windows Live Essentials</p><p> </p><p><span style="color: #E56717">========== HKEY_CURRENT_USER Uninstall List ==========</span></p><p> </p><p>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]</p><p>"2a7a433177cfa3a6" = Macro Recorder</p><p>"Applet" = Applet</p><p>"Color Vision" = Color Vision</p><p>"Yahoo! BrowserPlus" = Yahoo! BrowserPlus</p><p> </p><p><span style="color: #E56717">========== Last 20 Event Log Errors ==========</span></p><p> </p><p>[ Application Events ]</p><p>Error - 4/30/2013 1:07:44 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000</p><p>Description = Faulting application iexplore.exe, version 8.0.6001.18999, time stamp</p><p> 0x4ccf92fb, faulting module mshtml.dll, version 8.0.6001.18999, time stamp 0x4ccfa8d4,</p><p> exception code 0xc0000005, fault offset 0x00095a22, process id 0x1630, application</p><p> start time 0x01ce456091b164b0.</p><p> </p><p>Error - 5/5/2013 12:01:09 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000</p><p>Description = Faulting application rundll32.exe, version 6.0.6000.16386, time stamp</p><p> 0x4549b0e1, faulting module NvCpl.dll, version 7.15.11.8120, time stamp 0x4954aa1a,</p><p> exception code 0xc0000005, fault offset 0x000e6f04, process id 0xea0, application</p><p> start time 0x01ce49a9b8c0b8d2.</p><p> </p><p>Error - 5/5/2013 12:01:22 PM | Computer Name = UPSTAIRS | Source = WinMgmt | ID = 10</p><p>Description = </p><p> </p><p>Error - 5/14/2013 12:32:18 AM | Computer Name = UPSTAIRS | Source = Windows Search Service | ID = 3013</p><p>Description = </p><p> </p><p>Error - 5/15/2013 3:58:56 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000</p><p>Description = Faulting application iexplore.exe, version 8.0.6001.18999, time stamp</p><p> 0x4ccf92fb, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6,</p><p> exception code 0xc0000005, fault offset 0x000659c3, process id 0x107c, application</p><p> start time 0x01ce51a5d259b070.</p><p> </p><p>Error - 5/18/2013 10:04:24 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000</p><p>Description = Faulting application iexplore.exe, version 8.0.6001.18999, time stamp</p><p> 0x4ccf92fb, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6,</p><p> exception code 0xc0000005, fault offset 0x000659c3, process id 0x1090, application</p><p> start time 0x01ce5434e533e8a0.</p><p> </p><p>Error - 5/19/2013 12:34:47 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000</p><p>Description = Faulting application rundll32.exe, version 6.0.6000.16386, time stamp</p><p> 0x4549b0e1, faulting module NvCpl.dll, version 7.15.11.8120, time stamp 0x4954aa1a,</p><p> exception code 0xc0000005, fault offset 0x000e6f04, process id 0xefc, application</p><p> start time 0x01ce544a2e6714ab.</p><p> </p><p>Error - 5/19/2013 12:34:48 AM | Computer Name = UPSTAIRS | Source = WinMgmt | ID = 10</p><p>Description = </p><p> </p><p>Error - 5/27/2013 7:51:17 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000</p><p>Description = Faulting application iexplore.exe, version 8.0.6001.18999, time stamp</p><p> 0x4ccf92fb, faulting module IEShims.dll, version 8.0.6001.18999, time stamp 0x4ccfa85d,</p><p> exception code 0xc0000005, fault offset 0x00021e16, process id 0x1f44, application</p><p> start time 0x01ce5ad07ed97140.</p><p> </p><p>Error - 5/27/2013 9:09:26 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000</p><p>Description = Faulting application iexplore.exe, version 8.0.6001.18999, time stamp</p><p> 0x4ccf92fb, faulting module IEShims.dll, version 8.0.6001.18999, time stamp 0x4ccfa85d,</p><p> exception code 0xc0000005, fault offset 0x00021e16, process id 0x1cf8, application</p><p> start time 0x01ce5adb69d30da0.</p><p> </p><p>[ OSession Events ]</p><p>Error - 4/9/2013 11:49:35 PM | Computer Name = UPSTAIRS | Source = Microsoft Office 12 Sessions | ID = 7001</p><p>Description = ID: 0, Application Name: Microsoft Office Word, Application Version:</p><p> 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 172558</p><p> seconds with 1740 seconds of active time. This session ended with a crash.</p><p> </p><p>[ System Events ]</p><p>Error - 6/7/2013 2:40:50 PM | Computer Name = UPSTAIRS | Source = DCOM | ID = 10005</p><p>Description = </p><p> </p><p>Error - 6/7/2013 2:40:57 PM | Computer Name = UPSTAIRS | Source = DCOM | ID = 10005</p><p>Description = </p><p> </p><p>Error - 6/7/2013 2:41:04 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7001</p><p>Description = </p><p> </p><p>Error - 6/7/2013 2:41:04 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7026</p><p>Description = </p><p> </p><p>Error - 6/7/2013 2:43:48 PM | Computer Name = UPSTAIRS | Source = HTTP | ID = 15016</p><p>Description = </p><p> </p><p>Error - 6/7/2013 2:44:19 PM | Computer Name = UPSTAIRS | Source = Dhcp | ID = 1002</p><p>Description = The IP address lease 192.168.1.164 for the Network Card with network</p><p> address 08863B94B521 has been denied by the DHCP server 192.168.1.1 (The DHCP Server</p><p> sent a DHCPNACK message).</p><p> </p><p>Error - 6/7/2013 2:45:22 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7000</p><p>Description = </p><p> </p><p>Error - 6/7/2013 2:45:22 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7026</p><p>Description = </p><p> </p><p>Error - 6/7/2013 2:45:56 PM | Computer Name = UPSTAIRS | Source = Dhcp | ID = 1002</p><p>Description = The IP address lease 192.168.1.2 for the Network Card with network</p><p> address 08863B94B521 has been denied by the DHCP server 192.168.1.1 (The DHCP Server</p><p> sent a DHCPNACK message).</p><p> </p><p>Error - 6/7/2013 2:58:53 PM | Computer Name = UPSTAIRS | Source = W32Time | ID = 39452706</p><p>Description = The time service has detected that the system time needs to be changed</p><p> by +86345 seconds. The time service will not change the system time by more than</p><p> +54000 seconds. Verify that your time and time zone are correct, and that the time</p><p> source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->64.4.10.33:123) is working </p><p>properly.</p><p> </p><p> </p><p>< End of report ></p></blockquote><p></p>
[QUOTE="mmaikeru, post: 124154, member: 8869"] OTL Extras logfile created on: 6/7/2013 11:51:59 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Upstairs computer\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18999) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 66.32% Memory free 6.20 Gb Paging File | 5.16 Gb Available in Paging File | 83.27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 136.05 Gb Total Space | 57.35 Gb Free Space | 42.15% Space Free | Partition Type: NTFS Drive D: | 583.05 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: UPSTAIRS | User Name: WALL_E_Machine | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{132C0866-EA1B-4C22-B406-F59F9F50F887}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{3EF15C61-5FDA-4ADB-B075-8CE9C4172E93}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{448F2443-5419-4C95-8376-9D415350E738}" = lport=138 | protocol=17 | dir=in | app=system | "{5CF0E473-20C0-459D-A04B-FB882DA33FDD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{663D4056-21CF-428A-8482-02AAB9B3E22C}" = lport=137 | protocol=17 | dir=in | app=system | "{79FFCC95-75AC-4F4E-A41F-E316732452E3}" = rport=138 | protocol=17 | dir=out | app=system | "{87F184C2-3ECB-4DDD-97FD-1BC8A2BB378E}" = lport=445 | protocol=6 | dir=in | app=system | "{8AB212A4-919E-48E7-9213-F39FCCC3C703}" = rport=137 | protocol=17 | dir=out | app=system | "{95D3B83D-39BC-44C3-9760-C6DF6D012D9C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{B82B8DEE-B8BB-4779-BD27-B29B3F4F27E6}" = lport=139 | protocol=6 | dir=in | app=system | "{D3F4D7E5-88DD-45FF-8417-74E58AF1282C}" = rport=139 | protocol=6 | dir=out | app=system | "{DD2F7BA0-94DC-49B6-BFFA-2880990944EF}" = rport=445 | protocol=6 | dir=out | app=system | "{EF10F2ED-8101-4456-BDC4-3C13616D915E}" = lport=2869 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00D8135C-B6E2-471A-A2A3-30A312F6D43F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{0119D704-146F-4134-BACA-BEC6D49A6BF9}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | "{0BE69BD7-3880-4328-B804-B803651F3BF0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{1423F8F3-3E55-4251-A966-5A48738FCFD5}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | "{1FCC71B3-8206-4D1B-9EDB-35C404E98440}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{26328B94-F200-45FF-803B-60F027CDE63B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{2778C178-494C-4FD2-85B8-BF1E87B2A800}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe | "{2967839C-C33B-48B9-8EF4-A4EB78BE04FF}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{2BD6E723-E848-4BB2-BEED-268472765DF4}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | "{2F6A9D3D-6641-431C-9325-BF1090DA63F9}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | "{33416A3B-6A35-4172-B9CC-649B4A0BFCDC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{42D18F2C-36CF-4D3B-BFED-B379714348C0}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of mythology\aomx.exe | "{5F874A84-DA44-4669-8D59-C19116F01B18}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{7522DC56-3BFE-4440-B700-190BB68271E2}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | "{82345E63-93E1-4581-894B-985609B40AFF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{8E8D0710-FB89-45F1-93F6-28C832583EF0}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3x.exe | "{913BE182-3CCC-4D34-9BCC-795FE29CC14F}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | "{9321DC5E-A171-443A-A4FA-56C63D0B3956}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "{A046FF93-C82E-468D-99D9-EB6AAF58A8E6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A7AE32E1-295E-4660-891F-6C9900E416D8}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | "{C644A2D7-FD83-4651-9F3F-AFAF718FB03B}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | "{C97E4A7B-5F63-439B-B186-18AC1F650FD3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{D074946B-BB42-44C4-9D17-6A82B070C8E5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DC6AFFF4-BD80-4B77-88BC-008BC0599B44}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{E4DD6134-F93C-41AB-A83C-3CE952D85075}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of mythology\aomx.exe | "{F1E8285B-E4A1-47DC-BA5D-DD6D2CF23A96}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | "TCP Query User{9F17FD20-8B27-4603-AD01-F9DAFFB9B7DA}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd | "TCP Query User{FEC3420A-5BDE-40AD-BF2C-D85E8526C16B}C:\windows\lmi65f5.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\windows\lmi65f5.tmp\lmi_rescue.exe | "UDP Query User{061A3D26-13C8-453B-8006-648B1B7BE2FB}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd | "UDP Query User{86798896-D991-4226-BEF1-72064902B90D}C:\windows\lmi65f5.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\windows\lmi65f5.tmp\lmi_rescue.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call "{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support "{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "{1EF75089-392B-4771-B791-17316E27EBA6}" = Real War Rogue States "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 29 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3408E5D6-4925-4496-AB67-AB8643C3685C}_is1" = Mouse and Keyboard Recorder 3.2.2.8 "{36C97B5B-5593-45B8-B50E-DAD87036BD9D}" = Microsoft LifeCam "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update "{505DF7A3-88D5-4DD6-9AD5-C98C2ED0CEC4}" = Windows Live Sign-in Assistant "{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter "{582E9125-32B6-4CBA-AB48-3E33CE3DB389}" = NETGEAR RangeMax(TM) Wireless USB 2.0 Adapter WPN111 "{5E6ACA2E-60D5-461C-8FD3-04BA9C174B27}_is1" = Mouse Recorder Pro 1.3 "{5FCA3E78-219B-457B-8316-2C906EA0A91D}" = Recorder "{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail "{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security "{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III "{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management "{8524BBAC-E3A7-42F5-9B9A-5AE50A10C500}" = Belkin USB Wireless Adaptor "{85BF0E64-6ABB-4EA1-A026-A3DEA6554A60}" = Do It Again "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90EC11E4-854E-4C0F-9B4C-76D6C7CF7C68}" = Linksys WUSB600N Dual-Band Wireless-N USB Network Adapter "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007 "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9BC6AB96-3613-4676-ABE8-4B7F55D7D8E7}" = DriverUpdate "{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime "{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform "{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery "{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Age of Empires 2.0" = Microsoft Age of Empires II "Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion "Age of Mythology Expansion Pack 1.0" = Age of Mythology Gold "Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem "BFlix" = BFlix "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner "Google Chrome" = Google Chrome "Google Desktop" = Google Desktop "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals "InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs "InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter "InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III "InstallShield_{8524BBAC-E3A7-42F5-9B9A-5AE50A10C500}" = Belkin USB Wireless Adaptor "InstallShield_{90EC11E4-854E-4C0F-9B4C-76D6C7CF7C68}" = Linksys Dual-Band Wireless-N USB Network Adapter "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "McAfee Security Scan" = McAfee Security Scan "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "MS Access 97 SP2" = MS Access 97 SP2 "NIS" = Norton Internet Security "Norton Utilities_is1" = Norton Utilities "NVIDIA Drivers" = NVIDIA Drivers "Risk" = Risk "ShadowExplorer_is1" = ShadowExplorer 0.8 "SimCity 3000 Unlimited" = SimCity 3000 Unlimited "SMALLBUSINESSR" = Microsoft Office Small Business 2007 "WildTangent emachines Master Uninstall" = eMachines Games "WinLiveSuite_Wave3" = Windows Live Essentials [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "2a7a433177cfa3a6" = Macro Recorder "Applet" = Applet "Color Vision" = Color Vision "Yahoo! BrowserPlus" = Yahoo! BrowserPlus [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 4/30/2013 1:07:44 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18999, time stamp 0x4ccf92fb, faulting module mshtml.dll, version 8.0.6001.18999, time stamp 0x4ccfa8d4, exception code 0xc0000005, fault offset 0x00095a22, process id 0x1630, application start time 0x01ce456091b164b0. Error - 5/5/2013 12:01:09 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000 Description = Faulting application rundll32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module NvCpl.dll, version 7.15.11.8120, time stamp 0x4954aa1a, exception code 0xc0000005, fault offset 0x000e6f04, process id 0xea0, application start time 0x01ce49a9b8c0b8d2. Error - 5/5/2013 12:01:22 PM | Computer Name = UPSTAIRS | Source = WinMgmt | ID = 10 Description = Error - 5/14/2013 12:32:18 AM | Computer Name = UPSTAIRS | Source = Windows Search Service | ID = 3013 Description = Error - 5/15/2013 3:58:56 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18999, time stamp 0x4ccf92fb, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000005, fault offset 0x000659c3, process id 0x107c, application start time 0x01ce51a5d259b070. Error - 5/18/2013 10:04:24 PM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18999, time stamp 0x4ccf92fb, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000005, fault offset 0x000659c3, process id 0x1090, application start time 0x01ce5434e533e8a0. Error - 5/19/2013 12:34:47 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000 Description = Faulting application rundll32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module NvCpl.dll, version 7.15.11.8120, time stamp 0x4954aa1a, exception code 0xc0000005, fault offset 0x000e6f04, process id 0xefc, application start time 0x01ce544a2e6714ab. Error - 5/19/2013 12:34:48 AM | Computer Name = UPSTAIRS | Source = WinMgmt | ID = 10 Description = Error - 5/27/2013 7:51:17 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18999, time stamp 0x4ccf92fb, faulting module IEShims.dll, version 8.0.6001.18999, time stamp 0x4ccfa85d, exception code 0xc0000005, fault offset 0x00021e16, process id 0x1f44, application start time 0x01ce5ad07ed97140. Error - 5/27/2013 9:09:26 AM | Computer Name = UPSTAIRS | Source = Application Error | ID = 1000 Description = Faulting application iexplore.exe, version 8.0.6001.18999, time stamp 0x4ccf92fb, faulting module IEShims.dll, version 8.0.6001.18999, time stamp 0x4ccfa85d, exception code 0xc0000005, fault offset 0x00021e16, process id 0x1cf8, application start time 0x01ce5adb69d30da0. [ OSession Events ] Error - 4/9/2013 11:49:35 PM | Computer Name = UPSTAIRS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 172558 seconds with 1740 seconds of active time. This session ended with a crash. [ System Events ] Error - 6/7/2013 2:40:50 PM | Computer Name = UPSTAIRS | Source = DCOM | ID = 10005 Description = Error - 6/7/2013 2:40:57 PM | Computer Name = UPSTAIRS | Source = DCOM | ID = 10005 Description = Error - 6/7/2013 2:41:04 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7001 Description = Error - 6/7/2013 2:41:04 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7026 Description = Error - 6/7/2013 2:43:48 PM | Computer Name = UPSTAIRS | Source = HTTP | ID = 15016 Description = Error - 6/7/2013 2:44:19 PM | Computer Name = UPSTAIRS | Source = Dhcp | ID = 1002 Description = The IP address lease 192.168.1.164 for the Network Card with network address 08863B94B521 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). Error - 6/7/2013 2:45:22 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7000 Description = Error - 6/7/2013 2:45:22 PM | Computer Name = UPSTAIRS | Source = Service Control Manager | ID = 7026 Description = Error - 6/7/2013 2:45:56 PM | Computer Name = UPSTAIRS | Source = Dhcp | ID = 1002 Description = The IP address lease 192.168.1.2 for the Network Card with network address 08863B94B521 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). Error - 6/7/2013 2:58:53 PM | Computer Name = UPSTAIRS | Source = W32Time | ID = 39452706 Description = The time service has detected that the system time needs to be changed by +86345 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->64.4.10.33:123) is working properly. < End of report > [/QUOTE]
Insert quotes…
Verification
Post reply
Top