Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rapidly Slowing Computer


  • This topic is locked This topic is locked
30 replies to this topic

#1 shark13

shark13

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 10 July 2012 - 09:31 PM

A few weeks ago I noticed that when trying to go to a website an error would come up about a server error. The problem was that it would occur on several different servers. Shortly after that I started noticing my computer getting slower. Now it's to the point it won't really play streaming video, is very delayed when going online, and generally slow in everything else I do including starting and restarting. I have run several online virus checks including malware bytes and AVG and still have not been able to resolve the issue. I would be extremely appreciative if I could get some assistance in both identifying and removing whatever is causing my computer to behave oddly.

Below are attached the requested files. I have a 64bit system and therefore have not included a GMER log.

Thanks

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:15 AM

Posted 15 July 2012 - 09:35 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/460154 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 shark13

shark13
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 17 July 2012 - 12:42 PM

My situation is still the same with a substantial decline in the speed at which my computer operates. I have disabled any cd/dvd drives as requested and included a copy of the DDS files. I look forward to receiving further assistance.

I did not receive any original windows software with my Windows 7 system.

Edited by shark13, 17 July 2012 - 12:43 PM.


#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:15 AM

Posted 17 July 2012 - 08:27 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

----------------------------------------------

Please run aswMBR in place of Gmer

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Posted Image
m0le is a proud member of UNITE

#5 shark13

shark13
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 19 July 2012 - 11:23 AM

Thanks m0le. I did recently remove AVG from my system before reading your note. I will not remove anything further. I have attached the requested log.

Attached Files



#6 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:15 AM

Posted 19 July 2012 - 02:42 PM

That looks fine. My first thought was that this wasn't malware but I would like to do a few more checks if I may

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Posted Image
m0le is a proud member of UNITE

#7 shark13

shark13
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 21 July 2012 - 01:19 AM

Attached our the requested files.

Attached Files

  • Attached File  OTL.Txt   91.99KB   1 downloads


#8 shark13

shark13
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 21 July 2012 - 01:20 AM

I attempted to load the extra.txt file but it said file was too big. I have included the information below:

OTL Extras logfile created on: 7/20/2012 8:05:17 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Beads Worldwide\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 42.83% Memory free
7.49 Gb Paging File | 4.15 Gb Available in Paging File | 55.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 280.47 Gb Total Space | 199.78 Gb Free Space | 71.23% Space Free | Partition Type: NTFS
Drive D: | 17.32 Gb Total Space | 2.51 Gb Free Space | 14.47% Space Free | Partition Type: NTFS
Drive G: | 1.89 Gb Total Space | 1.37 Gb Free Space | 72.44% Space Free | Partition Type: FAT

Computer Name: BUSINESS | User Name: Beads Worldwide | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3402686642-2645844716-3634080963-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04EFEC73-00C9-4D0C-83CA-E96CB9AB5456}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{08DCEDAC-3772-46BC-A8C0-14251A40BE5A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{16F4D460-28EE-46C8-A389-F82DFFD7EFBA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1DE78E39-57A1-44B5-B17E-97C8C07033BB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1E0D5A83-F5DB-4620-8903-11A5EEEC16C5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E1CC176-41E0-4497-B132-F288B7CA2ADD}" = rport=138 | protocol=17 | dir=out | app=system |
"{270CBD68-BF81-4C64-9BAC-35D08FFA4FEC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2ADD1C1A-AF4C-4E82-887E-D54D642CB813}" = rport=445 | protocol=6 | dir=out | app=system |
"{2F249DDE-A26A-4D93-9820-64A6F6308A8A}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{36427767-564A-4219-9BB5-0D6DBB226818}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{60A848B8-6116-451B-A2FD-84851743AB91}" = lport=445 | protocol=6 | dir=in | app=system |
"{65A54456-3C94-4FA1-AD33-85A676FE7251}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{76809D43-4CF6-47C6-AF79-8543D4CEEDBF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A7FCE7C-E474-459A-9EC6-74E4F3448898}" = lport=138 | protocol=17 | dir=in | app=system |
"{876A9EEB-0BDE-4A57-B0F3-FA2750F3F0AB}" = lport=139 | protocol=6 | dir=in | app=system |
"{87757612-D211-4189-9584-E096CE51B2A9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AA2F2377-500D-47BE-B24B-257AE79718FE}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |
"{B1D96FE5-1BF7-41CB-AB4D-38CACF7890C3}" = lport=137 | protocol=17 | dir=in | app=system |
"{CACE2A3F-94D0-4A90-9C85-DE45A5BB75A9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D2AC1900-EEDE-4C34-A457-7C8437D04217}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D85D392A-99A5-4190-A9C3-5EEDAC2A7C32}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D9066959-D296-481D-98F3-E046BCDAECF9}" = rport=139 | protocol=6 | dir=out | app=system |
"{DADA19CA-A29D-48FC-BD7A-80FD281B0469}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DD273608-1366-4097-A527-627E71C5FE0C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E9E2360F-84FA-414E-90B7-4A585D347F86}" = rport=137 | protocol=17 | dir=out | app=system |
"{EEEA3C71-8275-4592-9C73-FC94B97CC42D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F0770722-ACAB-4A0C-BAB9-15B7694802D2}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0239DCED-ED54-4940-A8C8-2414C14819F7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{02DCDD84-AE72-480E-9F34-3FD67A9ADEB1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{049EAF5E-DB73-4AF5-9034-7AD901C66636}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{05C38040-F5CB-4751-8BFD-A261FD20F735}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0899FC42-D50B-4A75-9AEB-58005A8852BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0C3A3C13-7F3D-4C90-BA6D-A00151E2E030}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{0FD0F283-D8F9-4DAB-9D71-FCDFB75C9417}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{270BA950-1759-4E02-A794-7D13A15CA3DF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2FD18DD4-08D1-44F4-90D1-0C71DB9B0B85}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{31C3D127-0C64-4291-95DC-471D22856CB2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{36E3D015-F139-4D8F-A6AB-C51C7F901C54}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{37EE426A-0C62-4973-8F0B-A34373EE240E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3B48811D-FDDC-4A4B-BE89-2A3F963BC516}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{445A9AD5-832E-49F0-B9D3-B544708226EC}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{445CE48D-A580-41A7-8B54-04174116EA6D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{474DF979-490C-4958-A3B6-C8574895B2AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{4F06E9C3-E54E-4921-A6E6-261311C064AD}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{5695A4CA-D3E7-459B-A6C1-CED71B3E0C3E}" = dir=in | app=c:\program files\belkin\belkin usb print and storage center\connect.exe |
"{59106CA0-14A3-46D2-8B1C-691D42F73416}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5914A07C-6AEF-4DAC-83AB-6ED01E539132}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{5CAE6D2D-487F-42C0-845D-BD3900B74F93}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{61D8C5A3-DE7A-4F06-9B2F-C94E4F90B547}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{624E9E90-9D6F-4540-A9A7-55B0FB71E7F3}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{63B1731F-906E-4D26-B567-24506C125183}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6A6EF346-4A13-47E2-9AB7-565063D73BB6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{6E2A430E-41B8-4970-9896-E5137A06EF68}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{6E5BF5CE-F808-4B6E-A83E-B1FE13556F6F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{70ED29F3-1896-4495-B32D-3CBB1371B5E1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{74643451-F3F9-4A45-842D-B7A8AB9A7FAA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{79E86A4C-1F70-4055-99CB-A60471781213}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7EBB69F4-937A-4F9B-87AB-A8E721FD82C9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{88B40E4D-6A6A-4D29-95A7-24AF1CB1E05B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{8B5D55CB-1C18-4CBC-B56F-82627D768B8D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{8D8C7DD9-3F06-4DEE-92B0-EA96BF7903F3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{927CF994-225B-4DE7-B7CC-441829B12E66}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9310BD40-D6BE-4D6D-B89D-6276DD6FF576}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{96194319-414D-4478-B56A-ECD3F367F398}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{98074FFE-F26B-4DDE-ABC6-8AA7E141A541}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9DFBB4E5-3D00-4AB0-BA55-A8A3E4071999}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A019F151-C6DD-466F-A2A0-BBADC07B49ED}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{A1D2574C-CEC2-4C27-83AA-FBAF0FDEC1F1}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{A3A4B663-7DAA-4562-A680-C47CAC7A17FC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{A66146DE-2830-4CE6-8B79-923DFB6C7552}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{A6652858-D99D-4602-BDE1-47BB9AFCE025}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{A738B786-62E9-482D-AA6B-50675DF227D7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{A8AF4A94-0910-47AE-9128-888DF61B4E38}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A98EE21F-D378-45E3-A390-EA5026C9A352}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{ABDC8E61-B616-4EB8-8501-75D4C133034E}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{AE6A0325-223A-4835-ABF0-1F17E515B19D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B1FA19CE-B328-4B30-8700-7BDB9E32683E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B29FB4EA-3E81-4F21-80D3-9DD7ABC6BD1E}" = protocol=6 | dir=out | app=system |
"{B32C5C86-6813-4B1B-9BC8-1A98CCE2648B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{B37C0EB3-D4B6-4AEA-9780-43CB6766E95F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{B4D8E645-5159-4B68-B41D-06038E3F01EB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B59AB8F6-C060-497C-8659-2D2AEE4510B2}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B831C778-1F98-44DE-99AF-8CC5572B36F8}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{B88305E7-6821-46B7-A288-B0A10DE72049}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B954A727-2F55-455D-8610-FD290BF9CFBA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BC21A4DD-98B4-4E45-AD3C-1F4EB6F87341}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{C48F205A-CF29-4681-A47D-E99B513991CF}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C50529B8-9889-4ACD-879A-42FD7E23386C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C5F66F5A-B1EF-409C-84D6-4FFA0630C57B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{CA1EEEA0-6C58-4424-8DA9-6F04B8800456}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{CE486923-2204-4E2C-BB18-AA131E6F2F17}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{D0C186F8-424E-457C-9ECB-507CC810BCA4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{D101F5D9-2ADB-48CB-B9F5-CE0E408198FB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D5EB9376-8598-4366-8288-8401EE3AFD5D}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{D6D3F211-0F9A-40EF-8E10-C562344EBE4D}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{DC58CFB0-1E8E-413E-A1B3-2446BA1A99E2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E457A283-DF2B-4B84-A7BB-D9C3C32C493A}" = dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{EACFDF81-D212-40E9-BEFC-83698086AB75}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EC014215-DE66-404F-A9A3-0F7D07D4CDB6}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{ECC83859-F826-4E60-8C70-2679218588B5}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{ED0DEF05-87B6-40EF-9345-D39BB6CD27B6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EE07BBA1-F26B-46F6-B8B5-47210DFF567D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F6C16D67-D0B9-4570-8792-01B4DD5F10DB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F7156468-2723-4A7D-9E96-FB30D69F7DE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{FDF8FF42-323A-4097-BC07-F7D95ED749A8}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FF6EE4EF-0DDC-4E4A-8B31-AB6620A52551}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"TCP Query User{233C4313-F6DF-4DF7-B039-63C074AE59EF}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{8A62A3F3-2BE7-4F08-B29C-0095D5A135AE}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{8E258087-02EB-426C-97AE-FAFF043CF6B7}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{8F018ED7-4FFD-4377-AEF8-2131CEBD319D}C:\users\beads worldwide\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\beads worldwide\appdata\local\akamai\netsession_win.exe |
"TCP Query User{A514B530-B3F6-4522-9235-3A4357B77F6D}C:\program files (x86)\google\google earth pro\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth pro\googleearth.exe |
"UDP Query User{3AEBFC7F-3B2A-4D4B-9421-7DAF6E3AEFBD}C:\program files (x86)\google\google earth pro\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth pro\googleearth.exe |
"UDP Query User{40797186-601F-4619-98EB-DF6C9236DCF0}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{4A90DBE0-DC58-4F46-BBE0-3B6869F5454A}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{4B617322-0A9B-4055-BF04-FB30500487F4}C:\users\beads worldwide\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\beads worldwide\appdata\local\akamai\netsession_win.exe |
"UDP Query User{5FAE6594-EA8C-4C45-AABC-EB26A6C93967}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{091A0130-A82F-4A6D-9C61-3BBBB3289030}" = RtVOsd
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java™ 6 Update 20 (64-bit)
"{3E2DA560-EE3E-45C2-9CC7-B1B0A06C6BE6}" = Motorola Driver Installation 3.9.0
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{6B9CE44B-52D0-4B2F-BDFA-56FF4977A790}" = AVG 2012
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant
"{C01AE65A-8874-3A33-BE03-23F8516A0350}" = ccc-utility64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{ECD0D4B5-FFA9-6E1B-A08D-58E82EA5EEB9}" = ATI Catalyst Install Manager
"{F86D9734-D358-4C5B-BC2B-6D90557FF05B}" = HP Officejet Pro 8500 A909 Series
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"AVG" = AVG 2012
"Belkin USB Print and Storage Center" = Belkin USB Print and Storage Center
"doPDF 7 printer_is1" = doPDF 7.2 printer
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Microsoft Security Client" = Microsoft Security Essentials
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0190D9DE-6D57-7727-861E-D4BEA111D86B}" = Catalyst Control Center Core Implementation
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0A785656-433A-0575-8C5D-A8EAE05329CA}" = CCC Help Thai
"{0AD77FFC-874E-9AAE-6A76-549DFEB17849}" = CCC Help Polish
"{0CD58F4F-B339-4B81-FAD4-2BF9E3590F60}" = CCC Help Czech
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1A47631D-8875-7993-476D-130C5D41D101}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{222A544B-E6B7-496F-B4D7-6FE74FF0E616}" = Bing Bar Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237a4b22-78c2-11d6-a394-00104bd190b1}" = QuickBooks Pro Edition 2003
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 26
"{28749552-9DBD-1D10-A894-6079282C941F}" = CCC Help German
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30F4D459-824A-498C-826C-7721B777207F}" = Catalyst Control Center - Branding
"{30F9800A-02C1-4B3A-B6D5-BA62601E4DDD}" = VZAccess Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32BA2A6E-6C61-0347-8958-7B2113982A55}" = CCC Help Portuguese
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3C66EECF-8143-55D4-774A-309A59230A92}" = Catalyst Control Center Graphics Full Existing
"{3D73DC7A-2D1D-45CF-8A67-24873925C716}" = bpd_scan
"{3D843732-70CD-4DEF-A36F-AEFB87C80DC9}" = ProductContext
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager
"{4C93C363-414E-11D4-9756-00C04F8EEB39}" = Macromedia Flash 5
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{54372041-9715-DE87-F84E-B0995D7567C6}" = CCC Help Chinese Traditional
"{55D56ACA-79C3-4692-9F78-2DA5E663770C}" = Print Artist Platinum 23
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5D6A4F95-49B5-0FC4-81CF-18176000B235}" = Catalyst Control Center Graphics Full New
"{5E25081D-9CB4-4B17-AD2B-8DF2DC335E85}" = HP Documentation
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{67E4EE98-59F4-4210-89A6-A20AF5BEC689}" = Microsoft Streets and Trips 2005
"{69754D89-C21E-4851-83C0-399DE63C6579}" = 8500A909_Help
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6D3650CA-7104-5DF0-E7EC-290CEC529AF8}" = CCC Help Korean
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{72FC0445-FE6D-4E12-815B-3A8C5E3704DA}_is1" = GroupMail :: Free Edition
"{76B344A5-F756-0107-3559-1D97F9B316DC}" = CCC Help Norwegian
"{7CA09975-C4BE-469D-E45F-E47E9391106B}" = CCC Help Dutch
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{81ADC365-6BA4-E757-81DA-BC9DC12DD291}" = Catalyst Control Center InstallProxy
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8AEA6737-8AF3-47BB-95CE-AAB62BE68985}" = MPM
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FA97A48-D942-AE67-D901-7C4136CC9DFD}" = CCC Help Danish
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{920E9471-FF68-680F-537C-F21777E53D31}" = CCC Help Turkish
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97174E88-52F9-445A-A28E-704A45332D19}" = HP Software Framework
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A4E828B6-FE61-E279-A174-F5323931400B}" = CCC Help Finnish
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A6F797DB-9D0C-4243-B15B-91CD21D7E980}" = 8500A909a
"{A7A02E23-805C-4AAC-B408-D59A1D53AEA6}" = BPDSoftware
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8833100-1481-11D4-9731-00C04F8EEB39}" = Macromedia Fireworks 4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC4E477E-BBD4-4C68-8D6C-D10C3BB658F3}" = BPD_DSWizards
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.1 MUI
"{AD0AA962-111E-41D5-A705-0E3D9178A661}" = BPDSoftware_Ini
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B318D3D1-3421-4E2A-9C63-5D8FC2457B9C}" = 8500A909_eDocs
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6BEB695-166D-E268-8AA2-A243F615D0BA}" = CCC Help Japanese
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C21A705D-D992-204F-8A2A-C31F490F502F}" = CCC Help Greek
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CAA10DB8-E20C-9192-38F9-1F5399EA2DB7}" = CCC Help Italian
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD184A27-1174-E497-189A-0CA5DB56BC97}" = CCC Help Chinese Standard
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{D1014B9B-5704-4B27-B581-1C19B72528D1}" = Panasonic DVC USB Driver
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D3A451EE-219D-F373-5152-8C4760278628}" = Catalyst Control Center Graphics Light
"{D5959B62-9515-8DC9-ED0B-1680210AAC3E}" = CCC Help English
"{DA9481F2-D8A1-CC1D-4A8E-22854E60C6EB}" = Catalyst Control Center Localization All
"{DE2B9A3D-976F-BE70-7557-52EE82BAB1C6}" = CCC Help French
"{DF6DA606-904D-4C18-823F-A4CFC3035E53}" = eFax Messenger
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E9F950D9-A469-644E-3977-31F2963AEE23}" = CCC Help Swedish
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ED6CEC68-1D49-5BCB-57B4-CD128E242356}" = CCC Help Hungarian
"{EDE97402-4A1F-2D15-FDB4-5620C57A9BA5}" = Catalyst Control Center Graphics Previews Common
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F08A7C44-17FC-ED74-831E-5BCA9D5B77AD}" = ccc-core-static
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1224610-A17E-4E65-560A-D56B963D650D}" = CCC Help Russian
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7C81FF0-8624-8C6E-D28D-CF68DFE7AE8C}" = Catalyst Control Center Graphics Previews Vista
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FBCCF9CE-61EE-425E-BE4D-959D76FA7701}" = Adobe GoLive 5.0
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 6.0" = Adobe Photoshop 6.0
"Adobe SVG Viewer" = Adobe SVG Viewer
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"Auto FTP Manager 4.0_is1" = Auto FTP Manager 4.0
"Batch XLSX to XLS Converter" = Batch XLSX to XLS Converter
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D1014B9B-5704-4B27-B581-1C19B72528D1}" = Panasonic DVC USB Driver
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"office Convert Pdf to Jpg Jpeg Tiff Free_is1" = office Convert Pdf to Jpg Jpeg Tiff Free 6.4
"SpamBayes_is1" = SpamBayes 1.1a6
"Video Mover_is1" = Video Mover
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087335" = Build-a-lot 2
"WT087342" = Dora's Carnival Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087373" = Jewel Quest 3
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/30/2012 6:42:48 PM | Computer Name = Business | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/30/2012 6:42:48 PM | Computer Name = Business | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/30/2012 6:42:48 PM | Computer Name = Business | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/30/2012 6:42:48 PM | Computer Name = Business | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/30/2012 6:42:48 PM | Computer Name = Business | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/30/2012 6:42:48 PM | Computer Name = Business | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/30/2012 6:42:48 PM | Computer Name = Business | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/30/2012 6:42:48 PM | Computer Name = Business | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/30/2012 6:42:48 PM | Computer Name = Business | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/30/2012 6:42:48 PM | Computer Name = Business | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

[ Hewlett-Packard Events ]
Error - 5/20/2012 3:09:58 AM | Computer Name = Business | Source = HPSF.exe | ID = 4000
Description =

Error - 5/27/2012 1:13:29 AM | Computer Name = Business | Source = HPSF.exe | ID = 4000
Description =

Error - 5/27/2012 11:47:30 PM | Computer Name = Business | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/64af8711_eb0a_4c57_b18e_f3f325d9771d/avkduv7rtftbbifhqihhxfyu_25.rem'
has been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3834 Ram Utilization: 50 TargetSite: Void UpdateDetail(System.String)

Error - 6/2/2012 3:34:40 PM | Computer Name = Business | Source = HPSF.exe | ID = 4000
Description =

Error - 6/8/2012 3:44:03 PM | Computer Name = Business | Source = HPSF.exe | ID = 4000
Description =

Error - 7/8/2012 12:21:57 PM | Computer Name = Business | Source = HPSF.exe | ID = 4000
Description =

Error - 7/19/2012 10:47:30 AM | Computer Name = Business | Source = HPSF.exe | ID = 4000
Description =

Error - 7/19/2012 10:48:46 AM | Computer Name = Business | Source = HPSF.exe | ID = 4000
Description =

Error - 7/19/2012 10:49:35 AM | Computer Name = Business | Source = HPSF.exe | ID = 4000
Description =

Error - 7/19/2012 10:50:38 AM | Computer Name = Business | Source = HPSF.exe | ID = 4000
Description =

[ HP Wireless Assistant Events ]
Error - 1/8/2011 12:27:41 AM | Computer Name = Business | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 1/8/2011 12:28:41 AM | Computer Name = Business | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 4/28/2011 8:40:27 AM | Computer Name = Business | Source = HP WA Service | ID = 0
Description = System.InvalidCastException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 4/28/2011 8:40:27 AM | Computer Name = Business | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

at HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName)

at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware radio)

at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 4/28/2011 8:40:28 AM | Computer Name = Business | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

at HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName)

at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware radio)

at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 4/28/2011 8:40:28 AM | Computer Name = Business | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

at HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName)

at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware radio)

at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 4/28/2011 8:52:29 AM | Computer Name = Business | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 4/28/2011 9:03:54 AM | Computer Name = Business | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()

Error - 7/6/2011 4:05:03 PM | Computer Name = Business | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 7/29/2011 12:53:00 PM | Computer Name = Business | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

[ System Events ]
Error - 7/7/2012 1:27:37 AM | Computer Name = Business | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Netman service.

Error - 7/7/2012 10:53:46 AM | Computer Name = Business | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR7.

Error - 7/8/2012 11:37:22 AM | Computer Name = Business | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.129.1173.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 7/10/2012 3:55:25 PM | Computer Name = Business | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.129.1298.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 7/10/2012 8:39:28 PM | Computer Name = Business | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFS

Error - 7/10/2012 8:40:25 PM | Computer Name = Business | Source = DCOM | ID = 10016
Description =

Error - 7/10/2012 8:40:55 PM | Computer Name = Business | Source = DCOM | ID = 10016
Description =

Error - 7/16/2012 10:43:19 AM | Computer Name = Business | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

Error - 7/16/2012 10:30:32 PM | Computer Name = Business | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HPSLPSVC service.

Error - 7/19/2012 12:15:31 AM | Computer Name = Business | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.131.70.0 Update Source: %%859 Update Stage:
%%852 Source Path: http://www.microsoft.com Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.


< End of report >

#9 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:15 AM

Posted 21 July 2012 - 06:59 PM

We need to run an OTL Fix but just to remove a few bits and pieces.
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :OTL
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O4 - HKLM..\Run: []  File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.

There are no problems with malware so far - nor is there much evidence that any ever existed.

Your symptoms seem to show a slow down which may well be down to your ISP throttling your download speed. Do you know what your connection speed should be? Try testing it here and let me know what the results for the ping, upload and download are.
Posted Image
m0le is a proud member of UNITE

#10 shark13

shark13
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 23 July 2012 - 01:24 AM

Hi,

The problem is not so much even related to when I'm online. My computer takes for ever to start up and shut down. It between opening files takes longer than it did. Video player slower...even if they are on my hard drive. It happened rather suddenly as well. Around the same time I began getting an error message when trying to open up some web pages. Not an error message I had seen before. I apologize that I did not keep record of it. I also seemed to lost connection with my router often...since returning from a trip though that has not happened.

Attached Files



#11 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:15 AM

Posted 23 July 2012 - 02:54 PM

This does look like a system problem.

You may have corrupt critical system files. Let's see if we can fix that.
  • Select Posted Image
  • Select All Programs
  • Select Accessories
  • Right click Command Prompt and choose Run as administrator
Posted Image
  • If you have the User Account Control (UAC) enabled you will be asked for authorization prior to the command prompt opening.
  • You may simply need to press the Continue button if you are the administrator or insert the administrator password.
  • Copy & paste sfc /scannow in the command window and press enter.
  • Note the space between the c and the /
    • Be patient because the scan may take some time.
    • When that has completed then we need to create a logfile.
  • Repeat the process but this time copy & paste findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt in the command window and press Enter.

    Note: This will place a sfcdetails.txt file on your desktop with the SFC scan details from the CBS.LOG.

Then please run StartupLite

Please download StartupLite. to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve performance.


Finally run MiniToolBox

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Let me know how the machine is running after this.

Edited by m0le, 23 July 2012 - 03:00 PM.

Posted Image
m0le is a proud member of UNITE

#12 shark13

shark13
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 26 July 2012 - 01:26 PM

I tried the scan and then didn't get back to it for some time. I assume that the way in which to create the log file is by pasting "findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt" into the command line. When I did that it stated it could not open the sfcdetails.txt file. I have gone ahead and rerun the original scan and will request the file immediately after. Hopefully that was the cause of the problem.

#13 shark13

shark13
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 26 July 2012 - 03:06 PM

Tried again and got the same response. Any ideas?

#14 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:15 AM

Posted 26 July 2012 - 07:05 PM

If the scan completed then I don't need to see the log.

Please complete the other steps and then come back to me. :)
Posted Image
m0le is a proud member of UNITE

#15 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:11:15 AM

Posted 29 July 2012 - 07:42 PM

How are things going, shark13?
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users