Vista Startup Problem

hi all thanks for being here,
i have a problem starting vista and getting bsod i can start in safe mode no problem startup repair doesnt help but i can start the computer fully using last known good configuration.
how do i find out what is causing this problem ?
bsod say
stop: 0x0000003B (0x00000000c0000005, 0xfffffA6003DAFC36, 0xFFFFFA6005FEFE60, 0x0000000000000000)

Ks sys-addressFFFFFA6003DAFC36 base at FFFFFA6003D99000, datestamp 49e02bbf

any help would be appreciated

thanks

 

Hi Lepplin. Welcome to CHF.

Some Questions.

Did you install something just prior to this happening?

Did you try doing a system restore to a time before this problem started?

Did you check the event viewer?

Did this happen after a Windows update?

Are the Drivers for your Graphics up to date?

Is this 64 Bit?

 

hi DSTM,
i am not aware of installing any program prior to this problem
i have tried system restore and that seems to work untill the next time i try to startup again
not sure about event viewer
i dont think this started directly after a windows update
i am pretty sure my drivers are up to date
thank you
yes it is 64 bit

 

what am i looking for in event viewer ?

 

You are looking for Errors which have occurred with your OS. It is a Log.

Click on any errors for an explanation of what happened at a given time.

This can give a clue of what is wrong.

 

can i copy and paste the events on here ? and how do i do that ?

 

i have a few errors listed
here is one:

Log Name: Application
Source: Microsoft-Windows-CAPI2
Date: 07/07/2011 07:02:34
Event ID: 11
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: brian-PC
Description:
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event
<System>
<Provider Name="Microsoft-Windows-CAPI2" Guid="{5bbca4a8-b209-48dc-a8c7-b23d3e5216fb}" EventSourceName="Microsoft-Windows-CAPI2" />
<EventID Qualifiers="49154 11</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-07-07T06:02:34.000Z" />
<EventRecordID>128303</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>brian-PC</Computer>
<Security />
</System>
<EventData>
<Data>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab</Data>
<Data>A required certificate is not within its validity period when verifying against the

 

and 2 more


Log Name: Application
Source: Microsoft-Windows-WMI
Date: 07/07/2011 07:02:21
Event ID: 10
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: brian-PC
Description:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event
<System>
<Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
<EventID Qualifiers="49152 10</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-07-07T06:02:21.000Z" />
<EventRecordID>128301</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>brian-PC</Computer>
<Security />
</System>
<EventData>
<Data>//./root/CIMV2</Data>
<Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
<Data>0x80041003</Data>
</EventData>
</Event>


Log Name: System
Source: Service Control Manager
Date: 07/07/2011 07:02:21
Event ID: 7000
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: brian-PC
Description:
The SAS Core Service service failed to start due to the following error:
The system cannot find the path specified.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event
<System>
<Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152 7000</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2011-07-07T06:02:21.000Z" />
<EventRecordID>665555</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>brian-PC</Computer>
<Security />
</System>
<EventData>
<Data Name="param1 SAS Core Service</Data>
<Data Name="param2 %%3</Data>
</EventData>
</Event>

 

Am I correct that you are able to go into safe mode, do a system restore and then boot normally only once? After that reboot you have the same problem as before?

 

yes that seems to be the case

 

What I take from that is a malware infection with a trojan that reinserts itself once you reboot. I urge you to have a look at this thread:

http://computerhelpf...e-removal-help/

I suggest that you follow the instructions on that page. If you are going to do so please let us know and we will move it to the Malware Removal Forum and notify Starbuck to have a look at it.

 

i am running malwarebytes atm and have 8 infected objects atm
thanks for your help

 

OK come back to us when you are done and, if it works great. If, on the other hand, it continues to return on reboot then it may well be something that malwarebytes can't remove permanently if at all.

 

Here is the logfile from malwarebytes

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 7043

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

07/07/2011 20:40:49
mbam-log-2011-07-07 (20-40-49).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 502337
Time elapsed: 1 hour(s), 22 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 8

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&ext=%s) Good: (http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files (x86)\Ubisoft\assassin's creed ii\Ubisoft\ubisoft game launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\Users\brian\downloads\888poker.exe (PUP.Casino) -> Quarantined and deleted successfully.
c:\Users\brian\downloads\setup(4).exe (PUP.Casino) -> Quarantined and deleted successfully.
c:\Users\brian\downloads\nero 7 ultra edition enhanced xp & vista + keygen [scottayb]\keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\Users\brian\downloads\windows xp crack\wga fixer.exe (Hacktool.WGAFix) -> Quarantined and deleted successfully.
c:\Users\brian\downloads\windows xp crack\AMD64\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully.
c:\Users\brian\downloads\windows xp crack\IA64\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully.
c:\Users\brian\downloads\windows xp crack\X86\antiwpa.dll (PUP.Wpakill) -> Quarantined and deleted successfully.

 

OTL logfile created on: 07/07/2011 21:01:27 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\brian\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.99 Gb Total Physical Memory | 4.05 Gb Available Physical Memory | 67.54% Memory free
12.09 Gb Paging File | 10.20 Gb Available in Paging File | 84.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.56 Gb Total Space | 308.10 Gb Free Space | 45.07% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 11.64 Gb Free Space | 77.61% Space Free | Partition Type: NTFS

Computer Name: BRIAN-PC | User Name: brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\brian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Google\Update\1.3.21.57\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe (PC Pitstop LLC)
PRC - C:\Program Files (x86) (x86)\Dell V305\dldtmon.exe ()
PRC - C:\Program Files (x86) (x86)\Dell V305\dldtmsdmon.exe ()
PRC - C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\Folding@home\Folding@home-gpu\Folding@home.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe (Logitech Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\brian\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (dldt_device) -- C:\Windows\SysNative\dldtcoms.exe ( )
SRV:64bit: - (dldtCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dldtserv.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (lxby_device) -- C:\Windows\SysNative\lxbycoms.exe ( )
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (GoToAssist) -- C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (PCPitstop Scheduling) -- C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe (PC Pitstop LLC)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (dldt_device) -- C:\Windows\SysWow64\dldtcoms.exe ( )
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (lxby_device) -- C:\Windows\SysWow64\lxbycoms.exe ( )
SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdLH6.sys (Advanced Micro Devices)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (nmwcdnsux64) -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys (Nokia)
DRV:64bit: - (nmwcdnsucx64) -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys (Nokia)
DRV:64bit: - (pbfilter) -- C:\Program Files\PeerBlock\pbfilter.sys ()
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (sbapifs) -- C:\Windows\SysNative\DRIVERS\sbapifs.sys (Sunbelt Software)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (NAL) -- C:\Windows\SysNative\Drivers\iqvw64e.sys (Intel Corporation )
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (e1yexpress) Intel(R) -- C:\Windows\SysNative\DRIVERS\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys (EnTech Taiwan)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\Drivers\RootMdm.sys (Microsoft Corporation)
DRV:64bit: - (e1express) Intel(R) -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (ssm_mdm) -- C:\Windows\SysNative\DRIVERS\ssm_mdm.sys (MCCI Corporation)
DRV:64bit: - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\Windows\SysNative\DRIVERS\ssm_bus.sys (MCCI Corporation)
DRV:64bit: - (ssm_mdfl) -- C:\Windows\SysNative\DRIVERS\ssm_mdfl.sys (MCCI Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (Null) -- C:\Windows\SysWow64\null ()
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/?pc=WLEM
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 05 C1 CF 91 E8 FF CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.virginmedia.com"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.10.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@meadco.com eptune plugin,version=2.0.0.29: C:\PROGRA~2\MEADCO~1\npmeadax.dll (MeadCo Corp.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files (x86)\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll (Microsoft Research)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/06/03 09:38:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/07/05 11:52:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/07 09:03:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/07 09:03:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/06/03 09:38:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2009/12/03 20:10:29 | 000,000,000 | ---D | M]

[2010/04/04 10:40:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\brian\AppData\Roaming\Mozilla\Extensions
[2009/10/14 19:03:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\brian\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2009/12/15 23:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\brian\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/05/04 07:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\brian\AppData\Roaming\Mozilla\Firefox\Profiles\x616aksh.default\extensions
[2010/04/27 23:20:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\brian\AppData\Roaming\Mozilla\Firefox\Profiles\x616aksh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/25 17:05:41 | 000,000,000 | ---D | M] (Foxit PDF Creator Toolbar) -- C:\Users\brian\AppData\Roaming\Mozilla\Firefox\Profiles\x616aksh.default\extensions\toolbar@ask.com
[2011/03/25 18:25:40 | 000,001,832 | ---- | M] () -- C:\Users\brian\AppData\Roaming\Mozilla\Firefox\Profiles\x616aksh.default\searchplugins\bing.xml
[2011/05/04 17:50:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/28 19:14:45 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/09/22 18:10:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/03/25 08:22:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011/06/28 23:08:29 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/03/08 11:24:04 | 000,103,168 | ---- | M] (Midasplayer Ltd) -- C:\Program Files (x86)\mozilla firefox\plugins\npmidas.dll
[2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/12/23 23:01:45 | 000,370,684 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 12779 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Virgin Media Toolbar) - {A057A204-BACC-4D26-CFC3-3CECC9AB2EDA} - C:\Program Files (x86)\virginmediatoolbar\virginmediatoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Virgin Media Toolbar) - {A057A204-BACC-4D26-CFC3-3CECC9AB2EDA} - C:\Program Files (x86)\virginmediatoolbar\virginmediatoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Virgin Media Toolbar) - {A057A204-BACC-4D26-CFC3-3CECC9AB2EDA} - C:\Program Files (x86)\virginmediatoolbar\virginmediatoolbar.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKCU\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [dldtamon] C:\Program Files (x86)\Dell V305\dldtamon.exe ()
O4:64bit: - HKLM..\Run: [dldtmon.exe] C:\Program Files (x86)\Dell V305\dldtmon.exe ()
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [LXBYCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXBYtime.DLL ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [dldtamon] C:\Program Files (x86) (x86)\Dell V305\dldtamon.exe ()
O4 - HKLM..\Run: [dldtmon.exe] C:\Program Files (x86) (x86)\Dell V305\dldtmon.exe ()
O4 - HKLM..\Run: [LVCOMSX] C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\RunOnce: [Shockwave Updater] File not found
O4 - Startup: C:\Users\brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home-gpu.lnk = C:\Users\brian\AppData\Roaming\Microsoft\Installer\{6A90C837-054E-44AE-B9BD-1B1F87986BBC}\_98830A63A82EB98D7BA198.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: amd.com ([game] https in Trusted sites)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCMaticVer Class)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.euro.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0EBBED-0C42-4D0F-82DA-44399B5C420A} http://downloads.virginmedia.com/CST/ver1/vistainstaller.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - C:\Program Files (x86)\Citrix\GoToAssist\615\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img3.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9b33c039-fde6-11dd-aa5b-00219b29d339}\Shell - "" = AutoRun
O33 - MountPoints2\{9b33c039-fde6-11dd-aa5b-00219b29d339}\Shell\AutoRun\command - "" = K:\OblivionLauncher.exe
O33 - MountPoints2\{b15d1468-58e4-11de-b7ca-00219b29d339}\Shell - "" = AutoRun
O33 - MountPoints2\{b15d1468-58e4-11de-b7ca-00219b29d339}\Shell\AutoRun\command - "" = L:\CD_Start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


MsConfig:64bit - StartUpFolder: C:^Users^brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Adobe Photo Downloader - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
MsConfig:64bit - StartUpReg: DellSupportCenter - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Download Nitro - hkey= - key= - C:\Program Files (x86)\PCPitstop\Download Nitro\pcpitstop-nitro.exe (PC Pitstop, LLC)
MsConfig:64bit - StartUpReg: LogitechCommunicationsManager - hkey= - key= - C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
MsConfig:64bit - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig:64bit - StartUpReg: PC Suite Tray - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: PeerBlock - hkey= - key= - C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
MsConfig:64bit - StartUpReg: RoboForm - hkey= - key= - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/07/07 20:58:20 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\brian\Desktop\OTL.exe
[2011/07/07 19:12:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/07/07 19:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011/07/07 19:02:41 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{EB7F56D8-9DCE-4A4E-82DC-B48D2C6DAFF7}
[2011/07/06 20:49:14 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{7AE2636F-B03E-4703-84F0-C8C43AD1499D}
[2011/07/06 19:37:46 | 001,242,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2011/07/06 19:37:46 | 000,084,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2011/07/06 19:37:45 | 002,392,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2011/07/06 19:37:45 | 002,075,712 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011/07/06 19:37:45 | 000,648,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2011/07/06 19:37:44 | 003,048,552 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2011/07/06 19:37:44 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2011/07/05 18:18:40 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Roaming\Malwarebytes
[2011/07/05 18:18:30 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/05 18:18:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/05 18:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/05 18:18:24 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/05 18:18:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/07/05 12:41:46 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{DC6B677E-BF7B-4674-9603-3F112C86892A}
[2011/07/04 13:48:19 | 000,000,000 | ---D | C] -- C:\Users\brian\Desktop\john price work
[2011/07/04 12:14:48 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{785A1DE5-7B9C-4022-88F1-140589673408}
[2011/07/03 23:50:06 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{0FE11D4F-0869-4934-B065-E7645A0A7748}
[2011/07/01 22:01:02 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{6AFE1F50-BA8F-46C8-ABEA-9714A78AFFB1}
[2011/06/30 22:06:03 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{EAB53065-C293-4070-9FF6-0CAD3337B3A4}
[2011/06/30 05:50:46 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{E565B414-0295-4CDB-BC01-6DCB9297F7AC}
[2011/06/29 22:07:13 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{E0FAF8CF-AC90-455A-98A8-A19B3A7495D0}
[2011/06/29 08:14:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SkyPoker(153)
[2011/06/28 22:54:12 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{E8E3D605-CB8B-4CA7-ADB7-9C203BA315A1}
[2011/06/28 06:42:18 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{F76495FC-A875-40B5-A743-6E4F57F13A8D}
[2011/06/27 17:57:22 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{ECEC4C86-56EE-4BA0-A0E4-F2B6CB940223}
[2011/06/27 10:42:35 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{C97FE130-8F26-467C-B23B-59583DE83D67}
[2011/06/26 22:42:10 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{F4544B0B-FC4B-4133-AE1F-74646DFF4ADA}
[2011/06/26 07:52:15 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{2C0D7B66-BA11-4B50-823E-65F56F4E4665}
[2011/06/25 16:30:16 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{54B617BE-8E77-4C36-A45A-FD16396F7395}
[2011/06/24 16:52:34 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{D596364A-1966-4225-9F99-5ECDCF79E2D3}
[2011/06/23 20:16:43 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{8900C41D-B70C-4851-9D82-D83540E26B88}
[2011/06/22 21:42:37 | 000,111,632 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdLH6.sys
[2011/06/22 20:27:30 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{BAAEFF75-118F-4265-ADCD-F1289EE84B4B}
[2011/06/21 21:34:19 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{63A4990D-5C45-4A21-8057-53CE491EECD5}
[2011/06/21 06:57:34 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{7E9B256B-D52B-42BC-9F54-FEF2A7FE3F03}
[2011/06/20 10:22:45 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{063066DD-A741-40B6-AFA1-862F73A0B6BF}
[2011/06/19 00:13:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/19 00:13:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/19 00:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/19 00:10:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/06/18 23:28:40 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{8D16BC99-8279-441C-8513-751664768BB0}
[2011/06/18 06:44:49 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{960A2BB3-8741-4C4C-8552-8C4BEC471D15}
[2011/06/16 23:17:22 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/16 23:17:21 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/06/16 23:17:21 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/06/16 23:17:21 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/16 23:17:21 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/16 23:17:21 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/16 23:17:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/16 23:17:21 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/16 20:41:51 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/16 19:28:35 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{4472DFEE-7358-4EE2-BF8A-03BD76B295E0}
[2011/06/15 22:48:25 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{8815325A-8120-448C-8648-77D6234BB870}
[2011/06/15 06:44:37 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{3B65E02D-ECDF-4EF0-9DD3-36A73937EF0F}
[2011/06/13 23:00:02 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{A1D17B1C-FCE8-423E-98B8-FD7777F71D89}
[2011/06/13 07:38:49 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{4926499F-86D5-4819-B867-43630DBB3D42}
[2011/06/12 16:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod(25)
[2011/06/12 15:58:26 | 000,000,000 | ---D | C] -- C:\Users\brian\{dedf6b97-c2fc-47cb-a389-47a7329db5a4}
[2011/06/11 16:43:47 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{B361476B-3661-4D07-8531-C6F34B28ED78}
[2011/06/10 19:46:48 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{21E8A75A-8285-4341-AA01-3147435199A4}
[2011/06/10 07:13:13 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{C314FC7F-1A50-4A39-A0E8-FCD1B929B8E4}
[2011/06/09 07:02:00 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{A0024535-EF2D-45C2-B57D-A3E933B536BF}
[2011/06/08 07:23:53 | 000,000,000 | ---D | C] -- C:\Users\brian\AppData\Local\{27C03564-98B5-493B-9AA3-B4ACC807E57C}
[2010/09/03 23:02:09 | 001,105,920 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtserv.dll
[2010/09/03 23:02:09 | 001,044,648 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtcoms.exe
[2010/09/03 23:02:09 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtcomc.dll
[2010/09/03 23:02:09 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtusb1.dll
[2010/09/03 23:02:09 | 000,675,328 | ---- | C] ( ) -- C:\Windows\SysWow64\DLDThcp.dll
[2010/09/03 23:02:09 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\dldthbn3.dll
[2010/09/03 23:02:09 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtpmui.dll
[2010/09/03 23:02:09 | 000,603,304 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtcfg.exe
[2010/09/03 23:02:09 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtlmpm.dll
[2010/09/03 23:02:09 | 000,518,824 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtih.exe
[2010/09/03 23:02:09 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtcomm.dll
[2010/09/03 23:02:09 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtinpa.dll
[2010/09/03 23:02:09 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtiesc.dll
[2010/09/03 23:02:09 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\dldtprox.dll
[2010/09/03 20:00:52 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbypmui.dll
[2010/09/03 20:00:52 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbyinpa.dll
[2010/09/03 20:00:52 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbyiesc.dll
[2010/09/03 20:00:51 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbyserv.dll
[2010/09/03 20:00:51 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbyusb1.dll
[2010/09/03 20:00:51 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbyhbn3.dll
[2010/09/03 20:00:51 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbycomc.dll
[2010/09/03 20:00:51 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbylmpm.dll
[2010/09/03 20:00:51 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbycoms.exe
[2010/09/03 20:00:51 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbycomm.dll
[2010/09/03 20:00:51 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbyih.exe
[2010/09/03 20:00:51 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbycfg.exe
[2010/09/03 20:00:51 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbyppls.exe
[2010/09/03 20:00:51 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbyprox.dll
[2010/09/03 20:00:51 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbypplc.dll
[2009/06/07 21:19:02 | 000,106,496 | ---- | C] ( ) -- C:\Windows\SysWow64\VM_1.dll
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\brian\Documents\*.tmp files -> C:\Users\brian\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/07 20:58:23 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\brian\Desktop\OTL.exe
[2011/07/07 20:44:11 | 000,002,661 | ---- | M] () -- C:\Users\brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home-gpu.lnk
[2011/07/07 20:43:53 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/07/07 20:43:46 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/07 20:43:38 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/07 20:43:38 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/07 20:43:36 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/07/07 20:43:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/07 20:43:27 | 2138,234,879 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/07 20:26:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/07 19:12:18 | 000,000,945 | ---- | M] () -- C:\Users\brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/07/07 19:12:15 | 000,000,765 | ---- | M] () -- C:\Users\brian\Desktop\NTREGOPT.lnk
[2011/07/07 19:12:15 | 000,000,746 | ---- | M] () -- C:\Users\brian\Desktop\ERUNT.lnk
[2011/07/07 07:01:23 | 500,472,651 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/07/05 23:09:24 | 000,001,356 | ---- | M] () -- C:\Users\brian\AppData\Local\d3d9caps.dat
[2011/07/05 18:18:31 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/05 11:56:30 | 000,001,798 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/07/05 11:56:27 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/07/05 11:25:07 | 000,000,732 | ---- | M] () -- C:\Users\brian\AppData\Local\d3d9caps64.dat
[2011/07/05 11:11:52 | 000,088,662 | ---- | M] () -- C:\Users\brian\Documents\cc_20110705_111138.reg
[2011/07/05 11:07:52 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/06/29 07:27:25 | 000,402,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/29 06:57:07 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/06/28 21:01:07 | 000,003,072 | ---- | M] () -- C:\Windows\SysNative\umstartup.etl
[2011/06/25 17:07:07 | 000,054,570 | ---- | M] () -- C:\Users\brian\Desktop\Letter1620_20110625 (1).pdf
[2011/06/23 22:39:03 | 000,709,582 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/23 22:39:03 | 000,612,902 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/23 22:39:03 | 000,110,212 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/23 11:42:24 | 000,082,944 | ---- | M] () -- C:\Windows\SysNative\umstartup000.etl
[2011/06/20 10:13:17 | 000,002,651 | ---- | M] () -- C:\Users\brian\Desktop\Microsoft Office Word 2007.lnk
[2011/06/19 00:13:51 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\brian\Documents\*.tmp files -> C:\Users\brian\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/07 19:12:18 | 000,000,945 | ---- | C] () -- C:\Users\brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/07/07 19:12:15 | 000,000,765 | ---- | C] () -- C:\Users\brian\Desktop\NTREGOPT.lnk
[2011/07/07 19:12:15 | 000,000,746 | ---- | C] () -- C:\Users\brian\Desktop\ERUNT.lnk
[2011/07/06 11:19:12 | 2138,234,879 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/05 18:18:31 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/05 11:11:42 | 000,088,662 | ---- | C] () -- C:\Users\brian\Documents\cc_20110705_111138.reg
[2011/06/28 22:27:21 | 000,001,798 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/25 17:07:08 | 000,054,570 | ---- | C] () -- C:\Users\brian\Desktop\Letter1620_20110625 (1).pdf
[2011/06/19 00:13:51 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/05/02 22:59:01 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/09/03 23:03:55 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\dldtwupd.dll
[2010/09/03 23:03:55 | 000,015,528 | ---- | C] () -- C:\Windows\SysWow64\dldtwupd.exe
[2010/09/03 23:03:44 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\dldtcomx.dll
[2010/09/03 23:02:09 | 000,747,520 | ---- | C] () -- C:\Windows\SysWow64\dldtutil.dll
[2010/09/03 23:02:09 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\DLDTinst.dll
[2010/09/03 23:02:09 | 000,298,496 | ---- | C] () -- C:\Windows\SysWow64\dldtgrd.dll
[2010/09/03 23:02:09 | 000,236,544 | ---- | C] () -- C:\Windows\SysWow64\dldtins.dll
[2010/09/03 23:02:09 | 000,164,864 | ---- | C] () -- C:\Windows\SysWow64\dldtinsb.dll
[2010/09/03 23:02:09 | 000,129,024 | ---- | C] () -- C:\Windows\SysWow64\dldtjswr.dll
[2010/09/03 23:02:09 | 000,100,352 | ---- | C] () -- C:\Windows\SysWow64\dldtcu.dll
[2010/09/03 23:02:09 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\dldtinsr.dll
[2010/09/03 23:02:09 | 000,068,608 | ---- | C] () -- C:\Windows\SysWow64\dldtcub.dll
[2010/09/03 23:02:09 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\dldtcur.dll
[2010/09/03 20:00:52 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxbycomx.dll
[2010/09/03 20:00:52 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\lxbyinst.dll
[2010/08/09 19:41:22 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/06/11 19:14:46 | 000,247,296 | ---- | C] () -- C:\Windows\azssuninst.exe
[2010/06/11 19:14:44 | 000,100,864 | ---- | C] () -- C:\Windows\keyhook2.dll
[2010/03/26 00:45:44 | 000,700,310 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/03/20 22:31:29 | 000,002,528 | ---- | C] () -- C:\Users\brian\AppData\Roaming\$_hpcst$.hpc
[2010/02/19 21:02:35 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\WBHelps21.dll
[2009/08/24 20:28:49 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/24 20:27:56 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/08/24 20:27:21 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/08/20 20:56:22 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2009/08/13 22:12:02 | 000,000,732 | ---- | C] () -- C:\Users\brian\AppData\Local\d3d9caps64.dat
[2009/07/23 11:41:04 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\dldtdrs.dll
[2009/07/06 22:08:16 | 000,032,608 | ---- | C] () -- C:\Windows\king-uninstall.exe
[2009/05/24 09:43:53 | 000,001,356 | ---- | C] () -- C:\Users\brian\AppData\Local\d3d9caps.dat
[2009/05/14 08:57:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\dldtcaps.dll
[2009/05/10 21:32:40 | 000,691,592 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2009/05/10 21:32:40 | 000,528,744 | ---- | C] () -- C:\Windows\SysWow64\OGAVerify.exe
[2009/05/07 17:37:53 | 000,027,528 | ---- | C] () -- C:\Users\brian\AppData\Roaming\UserTile.png
[2009/05/06 19:43:17 | 000,000,760 | ---- | C] () -- C:\Users\brian\AppData\Roaming\setup_ldm.iss
[2009/03/23 22:01:42 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/02/27 22:23:58 | 000,188,896 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009/02/27 22:23:43 | 000,070,968 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009/02/27 22:23:41 | 002,246,144 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2009/02/20 18:32:20 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/02/18 20:28:36 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini
[2009/02/05 22:04:26 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/02/01 15:34:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/01/31 12:53:25 | 000,106,496 | ---- | C] () -- C:\Users\brian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/30 23:45:54 | 000,001,558 | ---- | C] () -- C:\Users\brian\AppData\Roaming\wklnhst.dat
[2009/01/28 19:56:04 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/01/25 20:28:14 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/01/25 20:04:52 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2009/01/25 12:46:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/11/06 17:33:02 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
[2008/01/22 02:05:12 | 000,077,906 | ---- | C] () -- C:\Windows\SysWow64\dldtcfg.dll
[2008/01/21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/11/13 20:13:10 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\dldtcnv4.dll
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2006/11/02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== LOP Check ==========

[2009/08/03 00:07:49 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2010/08/18 15:01:23 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Bioshock
[2011/03/19 01:48:55 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\com.orbis.air.SkyPoker.7C82499D7E4526CADD9D1D1B010AFE250A7BEC27.1
[2009/02/18 19:11:04 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\DAEMON Tools
[2011/07/05 11:09:45 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\DAEMON Tools Lite
[2009/02/18 19:11:04 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\DAEMON Tools Pro
[2011/06/03 19:15:45 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Doctor Who
[2010/12/22 17:27:20 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\DriverCure
[2010/09/10 16:59:12 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Easy Duplicate Finder
[2010/06/22 23:40:44 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Floodlight Games
[2011/07/04 11:32:07 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Folding@home-gpu
[2011/03/25 19:35:53 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Foxit Software
[2011/07/05 11:09:43 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Free Download Manager
[2010/08/16 21:20:39 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\FreeFileViewer
[2010/06/22 22:37:26 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Gestalt Games
[2010/04/22 19:44:44 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\LimeWire
[2009/10/24 20:48:10 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\NLOP
[2010/08/30 23:23:44 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Nokia
[2010/06/05 19:06:09 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Nokia Ovi Suite
[2009/08/30 18:26:11 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Oberonv1002
[2009/03/25 23:20:04 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\OpenOffice.org
[2010/12/22 17:27:20 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\ParetoLogic
[2010/03/26 19:44:54 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\PC Suite
[2010/12/09 23:31:01 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\PCDr
[2009/08/08 12:54:45 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Peace Craft
[2011/03/20 00:00:34 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\PFStaticIP
[2009/10/24 21:11:44 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\PokerCreations
[2011/04/09 22:18:04 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Research In Motion
[2010/12/31 10:48:56 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Samsung
[2011/03/17 19:01:42 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\SystemRequirementsLab
[2009/01/30 23:45:55 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Template
[2009/10/14 19:03:13 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\TomTom
[2011/05/21 21:02:34 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\TS3Client
[2011/04/15 14:03:08 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\TuneUp Software
[2011/03/12 20:55:12 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Ubisoft
[2011/07/05 11:09:43 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\uTorrent
[2011/04/15 20:03:03 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\ViGlance
[2011/05/25 22:45:13 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\WinAVI
[2011/04/08 08:52:51 | 000,000,000 | ---D | M] -- C:\Users\brian\AppData\Roaming\Windows Live Writer
[2011/06/29 06:57:07 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/07/07 20:41:18 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/07/07 20:43:36 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
[2010/12/15 21:53:00 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B69B8853-70DE-4505-9E47-2246C636271F}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2009/01/25 20:32:35 | 000,004,270 | RH-- | M] () -- C:\dell.sdr
[2010/09/04 21:54:49 | 000,001,157 | ---- | M] () -- C:\dldt.log
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2011/07/07 20:43:27 | 2138,234,879 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2011/07/07 20:43:22 | 2451,845,119 | -HS- | M] () -- C:\pagefile.sys
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2009/11/16 11:26:24 | 000,207,064 | ---- | M] () -- C:\Windows6.1-KB925681-x86.msu

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\* >
[2008/01/21 04:21:59 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/28 23:08:29 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/28 23:08:29 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/28 23:08:29 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2011/06/28 23:08:29 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2011/06/28 23:08:29 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/28 23:08:29 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -hide [2011/04/15 19:55:50 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -show [2011/04/15 19:55:50 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -reinstall [2011/04/15 19:55:50 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/04/15 19:55:50 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/04/15 19:55:50 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/04/15 19:55:48 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/04/15 19:55:48 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/04/15 19:55:48 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/04/15 19:55:50 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/04/15 19:55:50 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 198 bytes -> C:\ProgramData\TEMP282699C
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:CF2C26D2
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:2A8A3140
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:ABD3B354
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:45FE2B4E
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:331C7AE9
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:5425B7F5
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:27B99ED6
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:4DBBB4EA
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:32ED0002
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:9C5E2795
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:940C4202

< End of report >

 

OTL Extras logfile created on: 07/07/2011 21:01:27 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\brian\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.99 Gb Total Physical Memory | 4.05 Gb Available Physical Memory | 67.54% Memory free
12.09 Gb Paging File | 10.20 Gb Available in Paging File | 84.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.56 Gb Total Space | 308.10 Gb Free Space | 45.07% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 11.64 Gb Free Space | 77.61% Space Free | Partition Type: NTFS

Computer Name: BRIAN-PC | User Name: brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 70 13 39 72 F8 24 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D7FDB1-2B3D-4B92-BF58-ED8E85F0DED4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{02DF5F56-CE6E-4B93-9DB8-FE3285072340}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{0367684D-B068-4515-9D8C-1ADD73AE790D}" = lport=139 | protocol=6 | dir=in | app=system |
"{1537A65C-7295-4262-8DAE-307149261755}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1C9CFF47-AEE4-4AD2-AD28-E6DB36D6091E}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{1F3EA623-E7D0-40F4-952C-04049C04EDB0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{203744FF-2626-453E-A1DA-91C6224C9322}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2450A3E3-D82E-4C59-8395-E12FE9E0911B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{28265C30-6FF0-4867-8CBC-6F26BEDE78EC}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2AF36DD6-1E04-417C-9920-B6F690405511}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FEF2AB8-93E9-41BC-A66C-6C47A7C95EEA}" = lport=137 | protocol=17 | dir=in | app=system |
"{3D7077A8-6622-41F4-84E2-9359217CC8FE}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{48B1F8DB-BB61-479C-A9D2-C63248DEA7B6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{49B0EF78-927E-459D-ADA4-2D40BE4A4925}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{51F4A3F2-430C-4CFB-B9D2-8728A85B3AD0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5371337E-FC58-4CC1-840E-CE3D72A33290}" = rport=445 | protocol=6 | dir=out | app=system |
"{5EE59AA6-392D-40D9-BE61-EA2A582EC00D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{613300B8-037F-4F8A-8EAC-E5F11DAD8C77}" = rport=137 | protocol=17 | dir=out | app=system |
"{6CF9CE97-54EF-473D-8119-9C8D3952EE8C}" = rport=139 | protocol=6 | dir=out | app=system |
"{6DEA9738-4A84-4AF4-9E43-0092D84A47C6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{752A0863-EFDD-4B25-86D1-6041E09EB888}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7829C6AF-9A8E-467D-91D8-8F03022BA2D1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{787D92DF-AD14-4C48-9CD0-2B81300C24E2}" = lport=138 | protocol=17 | dir=in | app=system |
"{7E17AEE7-8090-462C-B63F-D084FCC60011}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7E97085F-30A4-4DE6-BF30-ECF808AA84B2}" = rport=138 | protocol=17 | dir=out | app=system |
"{7FE4C164-0979-4A0E-AB2F-023513D14BBF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8F0D1A48-D1ED-4FF5-BA57-F24F6FBD272E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{99BB3CC1-B1BB-4C32-8A07-2A68CB4C3139}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{B0774BC7-4F49-4767-B9E7-979AA360074E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B07DE883-0963-426D-8529-CF4BCD2AB1CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C2394C80-9336-490B-9E27-DDD87F9DA753}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CBB28C21-5E56-4A24-96B1-9CCDD675DC7A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CE58456A-F74E-47E1-B188-D5F11F648F33}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{E200DC97-B104-4432-9F0E-C6192663A9F2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F818A0E6-8B8A-4B59-994A-828F6D00E9E7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F98AFDFC-CA58-4FCA-A115-39737FB59BCE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0087463E-5869-432C-BCD3-7A838D184222}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0110DC89-24C1-48D2-A503-90FC2449F4FA}" = protocol=17 | dir=in | app=c:\program files (x86) (x86)\dell v305\frun.exe |
"{03A17ABA-CC1E-4078-869E-2D871F3CC699}" = protocol=6 | dir=in | app=c:\program files (x86)\dell v305\dldtamon.exe |
"{054F8F5D-E70C-4D18-BB0C-F409C21126A4}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldtpswx.exe |
"{06F03933-D68F-46E1-BBAA-05E6BAEA5EBD}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{085723AA-81D0-4DAE-AF6D-20E6917296E1}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{0ADA45CA-3A34-4C38-A266-7C40103A19AB}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxbypswx.exe |
"{0AEE216B-4998-4E62-8F8B-3617B1F380B5}" = protocol=6 | dir=in | app=c:\program files (x86)\dell v305\dldtmon.exe |
"{0C22A477-532A-480E-BC84-B7A404A5BB98}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxbypswx.exe |
"{0CA1F391-EAE6-49F3-873B-798E8E6B2062}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxbycoms.exe |
"{0E200F2F-360E-4CFA-B009-085D95458741}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{14F13EBE-B79F-427E-902A-826F3E1F5E88}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E58CA30-DC9E-44D5-AFC9-DD868488285E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{225100B3-9292-4283-93EB-52D01C8AD213}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{22BFB7F3-22C2-47F8-8DF1-E1818BE3E042}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2D2E21FD-9F19-44A0-9B42-BF88BB292C9D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2D77E556-0181-4577-BC58-B286F90AAD53}" = protocol=6 | dir=out | app=system |
"{2EB21784-F211-434C-90D2-E737B6241906}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldtpswx.exe |
"{3507F798-DA4C-4099-B2E8-C2B9E66677AA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{38A80332-F935-4A2B-8B7A-0FE46EBA5EB7}" = protocol=17 | dir=in | app=c:\program files (x86)\dell v305\frun.exe |
"{3C833580-3484-457F-9808-50D3E95281A3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{40460A5A-3D54-4DCC-BADD-28CCBA586E38}" = dir=in | app=c:\program files (x86)\dell v305\frun.exe |
"{4171C7C9-DB3D-408E-B254-421551676F0D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{45C86786-AF99-4F2F-A2BB-963D41E95B3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{490D4985-6FDF-4960-A5DA-674A8E62DB8D}" = protocol=6 | dir=in | app=c:\windows\system32\lxbycoms.exe |
"{492F1A9B-3715-4823-B649-3ABD9CA1DFFA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4A70765F-82E9-45E3-8672-F7F80B9B3410}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4ABAE95F-2B40-482B-AF19-B03D7562236E}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4FF47B4E-E00D-4FAA-9965-17F823348577}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{500FBD76-B9D1-4FA8-8898-4999CC105765}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{53268C1B-F1A0-47DB-8D2A-69C70EAE82EF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5956A85E-239C-4C01-BA95-9E446737685D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{59E67885-36AC-484E-A66A-78B1F47CC8C0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5A31F58D-45EF-4CBA-82E1-726447EB854F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5ADB3E10-9C65-4081-B08E-13426FF7A95A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5D56892F-86B8-4CAE-88FE-D5DDA118A2E3}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldtjswx.exe |
"{6050E3B5-2583-477B-920C-3F51DABDF227}" = dir=in | app=c:\windows\syswow64\dldtcoms.exe |
"{64722681-DDBC-4450-9968-E4890B38DFF0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{67982E1F-5EE3-4B87-8A94-8EEDBD994FB3}" = protocol=17 | dir=in | app=c:\program files (x86) (x86)\dell v305\dldtamon.exe |
"{6E6E67D7-6D59-4E08-AB91-9366CA46954D}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{6E9BE340-06F6-4966-8894-BDBD7CE8E3FA}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{7B4C2998-2C5B-45E0-AD68-8B0156716455}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7F23CE4F-4049-4C0A-A9B2-4043D320F6B1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8156FEC4-AFD8-4CD7-BBEF-BAC38B9A288A}" = protocol=17 | dir=in | app=c:\program files (x86)\dell v305\dldtmon.exe |
"{841CFF98-EB3E-47CF-84D1-819EA760D246}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{847EC827-D73C-4061-B382-AE696D612D2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86193BF0-D88A-457A-90F7-8FAD778D9F68}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8632CE59-5053-4496-A1C8-DC9A4314E168}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{86978C58-7B3D-4AE0-BAC9-14BAE36B424C}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldtpswx.exe |
"{8CF3D907-7E9A-4DD7-AE7C-E178E82F1921}" = dir=in | app=c:\windows\system32\dldtcoms.exe |
"{90791167-5E30-4559-B845-F4949407F0A3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{916B289F-7114-439C-B7EE-6D1AE1AEF998}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{9293285D-399F-4E5A-8250-5BAD7DFF5371}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{92AE7AAD-59CA-45E7-88B7-36FC7D43B809}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{92C9C02F-95B4-405B-8174-F41CF14BDFD1}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldttime.exe |
"{95B9D40A-5FE3-4B46-B7E4-86D33D181C74}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{99F4B092-4055-4D02-96C5-B6A7F534052E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{9A321B44-B623-4AF8-9BC9-3CCDC8F936E6}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldttime.exe |
"{9C4BB3B8-8070-4B71-9036-83AF7E5E3B78}" = dir=in | app=c:\program files (x86)\dell v305\dldtmon.exe |
"{9C996642-EE14-4870-A6C9-8A272F9B701F}" = protocol=6 | dir=in | app=c:\program files (x86) (x86)\dell v305\frun.exe |
"{A7DF75BB-BDC6-4224-9116-638A0B980041}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A9150651-C5EC-48F1-BB10-3FA1C84FD50B}" = dir=in | app=c:\windows\system32\dldtcoms.exe |
"{AC4498E1-7E1E-4375-A66F-072C0478FF17}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{AD813301-5101-4F91-B503-E3F86D06AC6D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AE6B0BC0-6810-4E0F-824E-AB5BC2E0221C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{AF827DDA-8CB6-4FFF-BB38-F7CF1D69DA27}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B380808B-F449-4A0A-A728-075C1B8431A9}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BB1645FC-1FD0-49AF-BE21-ED34C5ADFE73}" = protocol=6 | dir=in | app=c:\program files (x86)\dell v305\frun.exe |
"{BC7C793B-32E7-418E-849B-96033D12C1D9}" = dir=in | app=c:\windows\syswow64\dldtcoms.exe |
"{BFD5C7F9-AFD0-4214-8694-AB44EB7CB3BA}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{CD96C6A6-2A24-47DB-89FA-B8E23004577F}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldttime.exe |
"{D0A74D00-37DA-477F-8071-9A344A9833C6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D1B30E30-3CB8-40D2-B929-4CD355E7CC90}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxbycoms.exe |
"{D3FA312E-5492-4CF5-B7CD-CA8D90907FBC}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D468892A-B993-4F05-B816-71707311DE86}" = protocol=17 | dir=in | app=c:\program files (x86)\dell v305\dldtamon.exe |
"{D4B88173-D890-407C-9B3C-745332722767}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldtpswx.exe |
"{DAAAA58E-C738-49F8-AF3F-0DE2C21D6441}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{DAFA95A5-A8E5-4834-AABD-B33E054CA3EE}" = protocol=6 | dir=in | app=c:\program files (x86) (x86)\dell v305\dldtamon.exe |
"{DB4BD161-2E77-4285-AEA6-3272B3F66233}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DB6E3837-A723-4B7B-BC08-FE2F5E105323}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E146C64B-B918-4778-8CEF-BA5ABF4C04AA}" = dir=in | app=c:\program files (x86)\dell v305\dldtamon.exe |
"{E48AB7BB-75F7-428B-BD16-62CB44E02D75}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E5640268-3D02-4BE2-ACE2-A150BEE21FAF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E5827FF2-54DD-49E1-ADF3-BBB7B5A0CFA0}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldtjswx.exe |
"{EA359AF1-4D8A-4AB9-8E2F-4D4CF5E8AB8A}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{EAA73621-AC69-4928-BAB9-FC905A3C1F00}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldttime.exe |
"{F393CB2A-DFA6-4DD9-9AF7-E0F8824C3F22}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F52DE8C9-AB9A-4995-924B-C139F68DBF09}" = protocol=17 | dir=in | app=c:\windows\system32\lxbycoms.exe |
"TCP Query User{10657876-B906-4CCF-9C26-146BB8DCEB6E}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{11F76B2B-AED9-46F2-A3B9-C3F81D293EAB}C:\program files (x86)\entropia universe\bin32\eigc\eigcc_main.exe" = protocol=6 | dir=in | app=c:\program files (x86)\entropia universe\bin32\eigc\eigcc_main.exe |
"TCP Query User{174263AD-35CD-4F53-A470-59203FC6DC20}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"TCP Query User{24851A27-4C14-4DBE-A960-22B661BBC324}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"TCP Query User{36E6E595-99AE-4CC5-BE61-9FB9B2647760}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{532CD915-4358-4544-853B-3BF36D64F852}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{67CDC23C-6DD6-45B1-9ED1-5A6653579A28}C:\program files (x86) (x86)\dell v305\dldtmon.exe" = protocol=6 | dir=in | app=c:\program files (x86) (x86)\dell v305\dldtmon.exe |
"TCP Query User{708CBC31-F6B0-447E-8AA5-889159222E9D}C:\program files (x86) (x86)\dell v305\dldtlscn.exe" = protocol=6 | dir=in | app=c:\program files (x86) (x86)\dell v305\dldtlscn.exe |
"TCP Query User{7C71A13C-F33B-4C85-9879-B7DC340655AD}C:\program files (x86)\entropia universe\bin32\entropia.exe" = protocol=6 | dir=in | app=c:\program files (x86)\entropia universe\bin32\entropia.exe |
"TCP Query User{7E2BE399-A844-4C9E-A555-F1D4CE4397CC}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect 2\binaries\masseffect2.exe |
"TCP Query User{838B01BF-6A25-4EB0-86AD-927123651941}C:\program files (x86) (x86)\dell v305\dldtmon.exe" = protocol=6 | dir=in | app=c:\program files (x86) (x86)\dell v305\dldtmon.exe |
"TCP Query User{AC6EA71F-BD72-43D2-A044-95D1FCFBE6E7}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{ADD17DD9-03C8-465E-B835-87F361A4267F}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{C1184344-C950-4F62-98F7-7D4E36DB3C26}C:\program files (x86)\dell v305\dldtlscn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell v305\dldtlscn.exe |
"TCP Query User{CDE4E797-43BA-4E1E-B978-A4BCA86EA1A1}C:\program files (x86)\dell v305\dldtmon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell v305\dldtmon.exe |
"TCP Query User{E5212C0E-1DB4-4226-98F0-066D490E3A32}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{F44FD2AA-786B-4E42-8A7A-07BBC7ADF828}C:\program files (x86)\dell v305\dldtlscn.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell v305\dldtlscn.exe |
"UDP Query User{061ABFDD-7135-48D0-B18B-471DB22D898A}C:\program files (x86) (x86)\dell v305\dldtmon.exe" = protocol=17 | dir=in | app=c:\program files (x86) (x86)\dell v305\dldtmon.exe |
"UDP Query User{06CAD136-DECE-4C5D-87C8-4D0D55A8CE42}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{10B4387B-2972-4148-B2BF-4D67A43AF542}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{1EE6AFB8-2510-40A6-8D20-1E8FD5E08044}C:\program files (x86)\dell v305\dldtmon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell v305\dldtmon.exe |
"UDP Query User{3542A2F5-2861-451B-A8D3-B3CE3CA30F7D}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{539E5371-C33E-4F62-AEFD-1C9A38106136}C:\program files (x86)\entropia universe\bin32\eigc\eigcc_main.exe" = protocol=17 | dir=in | app=c:\program files (x86)\entropia universe\bin32\eigc\eigcc_main.exe |
"UDP Query User{6F7AD6FB-D2B5-4453-B751-338B4CE329BD}C:\program files (x86)\activision\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - black ops\blackops.exe |
"UDP Query User{911C52B2-8A3D-4782-90B9-7F2111725C7E}C:\program files (x86)\dell v305\dldtlscn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell v305\dldtlscn.exe |
"UDP Query User{9972F6C1-E174-4C23-97AF-27CDFED55650}C:\program files (x86) (x86)\dell v305\dldtlscn.exe" = protocol=17 | dir=in | app=c:\program files (x86) (x86)\dell v305\dldtlscn.exe |
"UDP Query User{9B21EF77-FD8C-4ECD-ADA7-59BDA4082653}C:\program files (x86)\dell v305\dldtlscn.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell v305\dldtlscn.exe |
"UDP Query User{A01BAA32-5B77-4B56-8962-DAD12748112C}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"UDP Query User{AB015144-69A4-4FC8-A17A-B8559C732B4E}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{ACB0FF32-934A-47AA-B665-0EC6E3D0F27F}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{C8B22F22-84E3-42EB-8129-123CA7CDD384}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect 2\binaries\masseffect2.exe |
"UDP Query User{D7A46424-137B-43FE-A590-8C6D118433EF}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{E5AA0306-C237-42BC-8D5F-492FC03A3F75}C:\program files (x86)\entropia universe\bin32\entropia.exe" = protocol=17 | dir=in | app=c:\program files (x86)\entropia universe\bin32\entropia.exe |
"UDP Query User{F26D5BB5-07E1-40D9-98C9-F9CB16ACFEA1}C:\program files (x86) (x86)\dell v305\dldtmon.exe" = protocol=17 | dir=in | app=c:\program files (x86) (x86)\dell v305\dldtmon.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{73BA9A8F-6B40-BF79-541E-464156FBA764}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AAA8CA88-8A22-43D1-867F-ABD7944C9815}" = Intel(R) Network Connections 14.3.0.0
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCF07271-A853-4D3A-B668-4B752174CAA8}" = iTunes
"{C5970161-E13E-6661-BBDA-A08268313C83}" = ATI Catalyst Install Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EA0F68A4-CC52-D061-C239-CC54377E9B79}" = ccc-utility64
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0835126D8556C5A651A6E35F7B0A6B1DC3162631" = Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (06/14/2011 6.0.1.6392)
"7A2A2E10AACD4684FF119E6FEE03EF9CF286B956" = Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (04/06/2011 6.0.1.6343)
"A1181476A82DE4082E2B9482E2FCF2D927BA9534" = Windows Driver Package - AMD (AtiHDAudioService) MEDIA (03/29/2011 6.58.0.6601)
"CCleaner" = CCleaner
"Dell Support Center" = Dell Support Center
"Dell V305" = Dell V305
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Lexmark P910 Series" = Lexmark P910 Series
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PROSetDX" = Intel(R) Network Connections 14.3.0.0
"ReadyDriver Plus_is1" = ReadyDriver Plus 1.1
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Tysoft PDF_is1" = Tysoft PDF (novaPDF 6.3 printer)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A82E70-97F4-3BA9-65DB-692632659387}" = Catalyst Control Center InstallProxy
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B533F34-22BA-4301-BAF8-EA1CEDB06F9E}" = Quake Live Mozilla Plugin
"{0DF30031-F15F-FD36-D9F8-EBC23B901894}" = Catalyst Control Center Graphics Light
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1983E697-AFF8-0850-4193-50252D6FEF50}" = Sky Poker
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{25CFEF55-A945-41FC-86ED-76469F31DF37}" = Nokia Connectivity Cable Driver
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 24
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3921564E-11A7-27AC-8D6F-D5FCA33DD083}" = Skins
"{3ACF7A26-1743-4A84-85F1-2450B35925E4}" = Classic Menu for Office
"{3DE96337-68D2-48E0-A863-6E4A5CD3BC25}" = PC Connectivity Solution
"{3E9016D4-5AD8-3A77-5A75-8C89C68992CD}" = Catalyst Control Center Graphics Previews Vista
"{41888B21-922B-4241-4594-EF1E6828A72B}" = BBC iPlayer Desktop
"{47D0C5E6-9FBA-49DB-8F88-BFAA5BA38646}" = Microsoft Math Add-in for Word 2007
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CA10D13-F83A-487E-9B30-CC979FEF7A70}" = OviMPlatform
"{54169E5E-62BE-4229-AD18-5AD2EA88A8CE}_is1" = Assassin's Creed II
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.2
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{6331C6C0-3754-E910-7113-5013355C8E47}" = CCC Help English
"{6339663B-F26F-4FE3-B813-0E1DEC4ED976}" = Nokia Ovi Suite
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A90C837-054E-44AE-B9BD-1B1F87986BBC}" = Folding@home-gpu
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6B7CEA10-4694-4FC3-B761-9DBFD50B8F2A}" = Client Settings Tool
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005124}" = RoyalChallengeSolitaire
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87DF5956-A327-4304-8338-8E2B0AAB843E}" = BlackBerry Desktop Software 6.0.2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95C3927C-C899-C5D8-0EA7-67895FC979B2}" = ccc-core-static
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F73FDEF-DDC1-4307-9D96-13AB3254641A}_is1" = Doctor Who: The Adventure Games
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F7FCEF-3CA6-4CE9-8FEA-8BB18F8686F0}" = Nokia Ovi Suite Software Updater
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B88A3C98-CB4D-E3C2-DE49-EDAF1DC55CC1}" = CCC Help English
"{B9C73F69-63B7-552D-72D8-3C22B6B1A3E7}" = Catalyst Control Center Graphics Full New
"{BD202930-5F70-4B35-B875-1E28604F328D}" = Logitech Communications Manager
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BEF7FC5C-0182-4DDE-BDDD-F7D132AB833D}" = Ovi Desktop Sync Engine
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFC1C90B-E9A4-F656-BCA2-2A71ECCBD8F5}" = Catalyst Control Center Graphics Full Existing
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D85A387E-6EC0-40E5-9D89-A148B3E93968}_is1" = Mass Effect 2
"{DBE73977-170A-4742-AB28-CA41B06A63AA}_is1" = The Witcher Enhanced Edition
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E01A8BFE-96AB-FEA3-4A3B-EEF9849D1E24}" = Catalyst Control Center Graphics Previews Common
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{ED4B50B7-C06B-57FE-7985-AA83DDBEEEF5}" = Catalyst Control Center Graphics Previews Common
"{F01A9563-2A27-6ABC-2E04-03B7873DF7E0}" = Catalyst Control Center InstallProxy
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F569596C-049F-BF15-E0A9-B7605D9B181E}" = Catalyst Control Center Core Implementation
"{f5bfcf18-a8e6-4a03-91c3-89c131537755}}_is1" = Death Track: Resurrection Demo
"{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1033}" = Nero 7 Ultra Edition
"{F9247A02-4B91-467B-90F5-2D006439EF27}" = Motorola Phone Tools
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Aiseesoft Blu-ray Ripper_is1" = Aiseesoft Blu-ray Ripper
"avast" = avast! Free Antivirus
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"Belarc Advisor" = Belarc Advisor 8.1
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0.2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.orbis.air.SkyPoker.7C82499D7E4526CADD9D1D1B010AFE250A7BEC27.1" = Sky Poker
"Deus Ex" = Deus Ex
"EasyCert" = EasyCert
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Entropia Universe" = Entropia Universe
"Entropia Universe10.6.4.39182" = Entropia Universe
"ERUNT_is1" = ERUNT 1.1j
"EVE" = EVE Online (remove only)
"ffdshow_is1" = ffdshow [rev 2653] [2009-02-03]
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist Corporate
"king.com" = king.com (remove only)
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox 5.0 (x86 en-GB)" = Mozilla Firefox 5.0 (x86 en-GB)
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"NLOP" = NLOP
"Nokia Ovi Suite" = Nokia Ovi Suite
"PC Matic_is1" = PC Matic 1.1.0.33
"PC Pitstop Download Nitro_is1" = PC Pitstop Download Nitro 1.2
"PC Pitstop Optimize2_is1" = PC Pitstop Optimize2 2.0
"PC Pitstop Optimize3_is1" = PC Pitstop Optimize3 3.0
"PokerStars" = PokerStars
"Portforward Static IP Address" = Portforward Static IP Address 1.0.45
"PunkBusterSvc" = PunkBuster Services
"SpeedFan" = SpeedFan (remove only)
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0
"TomTom HOME" = TomTom HOME 2.7.2.1825
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
"ViGlance" = ViGlance
"virginmediatoolbar" = Virgin Media Toolbar
"VLC media player" = VLC media player 1.0.5
"WinAVI All in One Converter" = WinAVI All in One Converter
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"23466595be5698ec" = Entropia Tracker Suite
"27f0a5135f96fdf4" = Entropia Screen Grabber
"613631490.skyplayer.sky.com" = Sky Player Desktop
"AI RoboForm" = AI RoboForm
"e5e57f273bd64ee3" = AutoScreen
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 15/01/2010 23:27:24 | Computer Name = brian-PC | Source = avast! | ID = 33554522
Description =

Error - 24/02/2010 19:43:27 | Computer Name = brian-PC | Source = avast! | ID = 33554522
Description =

Error - 15/03/2010 07:04:50 | Computer Name = brian-PC | Source = avast! | ID = 33554522
Description =

Error - 17/03/2010 11:06:01 | Computer Name = brian-PC | Source = avast! | ID = 33554522
Description =

Error - 17/03/2010 19:16:47 | Computer Name = brian-PC | Source = avast! | ID = 33554522
Description =

Error - 19/03/2010 09:02:20 | Computer Name = brian-PC | Source = avast! | ID = 33554522
Description =

Error - 24/03/2010 00:34:53 | Computer Name = brian-PC | Source = avast! | ID = 33554522
Description =

Error - 24/03/2010 18:53:31 | Computer Name = brian-PC | Source = avast! | ID = 33554522
Description =

Error - 25/03/2010 20:13:05 | Computer Name = brian-PC | Source = avast! | ID = 33554522
Description =

Error - 26/03/2010 03:11:41 | Computer Name = brian-PC | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 06/07/2011 13:23:04 | Computer Name = brian-PC | Source = Perflib | ID = 1023
Description =

Error - 06/07/2011 13:23:04 | Computer Name = brian-PC | Source = Perflib | ID = 1008
Description =

Error - 07/07/2011 02:02:21 | Computer Name = brian-PC | Source = WinMgmt | ID = 10
Description =

Error - 07/07/2011 02:02:34 | Computer Name = brian-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 07/07/2011 06:00:02 | Computer Name = brian-PC | Source = Perflib | ID = 1010
Description =

Error - 07/07/2011 06:00:03 | Computer Name = brian-PC | Source = Perflib | ID = 1008
Description =

Error - 07/07/2011 06:00:06 | Computer Name = brian-PC | Source = PC-Doctor | ID = 1
Description = (4660) Asapi: (11:00:06:0520)(4660) CSPinvoke - Error -- 461 Exception
in C# layer (asapicsharp_wrap.cxx, line 41121; threadid = 4612): License authentication
result = FAIL; reasons = SIGNATURE_CHECK Stack Trace: !!! Stack Trace exceptions
not supported in 64-bit. !!! (end stack trace) ***** NOTE *****: Use stacktraceparser.exe
to translate the instruction offsets into function names.

Error - 07/07/2011 06:56:49 | Computer Name = brian-PC | Source = Application Error | ID = 1000
Description = Faulting application Updater.exe, version 1.0.0.16749, time stamp
0x4dd2d92c, faulting module kernel32.dll, version 6.0.6002.18005, time stamp 0x49e038c0,
exception code 0xe06d7363, fault offset 0x0001e124, process id 0xd68, application
start time 0x01cc3c6b8519bef0.

Error - 07/07/2011 15:43:59 | Computer Name = brian-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 07/07/2011 15:44:02 | Computer Name = brian-PC | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 03/01/2011 13:14:31 | Computer Name = brian-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 31/01/2011 03:19:52 | Computer Name = brian-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 43
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 06/07/2011 06:21:26 | Computer Name = brian-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 06/07/2011 14:28:22 | Computer Name = brian-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 06/07/2011 17:55:14 | Computer Name = brian-PC | Source = DCOM | ID = 10010
Description =

Error - 07/07/2011 02:02:21 | Computer Name = brian-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 07/07/2011 02:03:17 | Computer Name = brian-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 07/07/2011 02:04:31 | Computer Name = brian-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 07/07/2011 15:41:13 | Computer Name = brian-PC | Source = DCOM | ID = 10010
Description =

Error - 07/07/2011 15:44:02 | Computer Name = brian-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 07/07/2011 15:44:18 | Computer Name = brian-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 07/07/2011 15:45:47 | Computer Name = brian-PC | Source = Service Control Manager | ID = 7001
Description =


< End of report >

 

Moved to Malware Removal!

 

hi starbuck, i couldnt run aswMBR it caused a bsod twice

 

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\doctor who - the adventure games\data\episode_3\fx\glass_crack2.epc
c:\users\brian\downloads\nero 7 ultra edition enhanced xp & vista + keygen [scottayb]\ahead nero 7.5.9.0 ultra edition enhanced.exe
c:\users\brian\downloads\nero 7 ultra edition enhanced xp & vista + keygen [scottayb]\nero-7.10.1.2_all_update.exe
c:\users\brian\downloads\nero 7 ultra edition enhanced xp & vista + keygen [scottayb]\read me.txt
c:\users\brian\downloads\nero 7 ultra edition enhanced xp & vista + keygen [scottayb]\torrent_downloaded_from_demonoid.com.txt
c:\users\brian\downloads\windows xp crack\antiwpa3.cmd
c:\users\brian\downloads\windows xp crack\copy of sfig.nfo
c:\users\brian\downloads\windows xp crack\index.php
c:\users\brian\downloads\windows xp crack\read first.txt
c:\users\brian\downloads\windows xp crack\torrent downloaded from demonoid.com.txt
scanner sequence 3.DF.11.HKAPDQ
----- EOF -----


Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-F4GJK-KG77H-B9HD2
Windows Product Key Hash: iJAth4TbScMi8HdcPurlASXdEkw=
Windows Product ID: 89583-OEM-7332157-00204
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.0.6002.2.00010300.2.0.003
ID: {AA31EF2A-E5D6-40C0-AA31-0FC361507986}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows Vista (TM) Home Premium
Architecture: 0x00000009
Build lab: 6002.vistasp2_gdr.101014-0432
TTS Error: M:20110707222810892-
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: Registered, 1.7.111.0
Signed By: Microsoft
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{AA31EF2A-E5D6-40C0-AA31-0FC361507986}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6002.2.00010300.2.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-B9HD2</PKey><PID>89583-OEM-7332157-00204</PID><PIDType>2</PIDType><SID>S-1-5-21-2745690858-3012756604-1693901827</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Studio XPS 435MT</Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>1.0.2</Version><SMBIOSVersion major="2" minor="5"/><Date>20081114000000.000000+000</Date></BIOS><HWID>E9303507018400FE</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name>< ame><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>FX09 </OEMTableID></OEM><GANotification><File Name="OGAAddin.dll" Version="1.7.105.35"/><File Name="OGAVerify.exe" Version="1.7.105.35"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE} <LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>7480B9502DF0D86</Val><Hash>oYWOW5ayFE3pZ+jvTpuXYsY64JE=</Hash><Pid>89388-707-8722531-65425</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: U1BMRwEAAAAAAQAACAAAAPMVAAAAAAAAYWECAGD6//+AmjCg3/3LARhy9171jCizkdIEkQaJZ67dUAlgBwC0EKPRyoMq4us/ROtIDu6XDaTcBaKrpu65oyd7IPmIgITKmLNv1wD2WLbPvM725bPz4hofj4LRfhvmil2IWvr6h0zx9j4wRKR/p4qaMVS50xsGhTiu2v3HTjLlzsauw1rN6YPtvvhlgmsOaDbvMnTA1onDIC8xbfNWgsGxBpop0WwiuBXa5HXuzs1OU5kpI4Km83cHZMn5BmY2HdKPD8tNYkwP34K9Ekif+jOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwYcvde9Ywos5HSBJEGiWeuIaeAIRJpaGlI6tMooak5Sdl7KmJ30ymEjGw/YURjYC8neyD5iICEypizb9cA9li2Lx+zhAcUZAW3K2GKOw9Z9opdiFr6+odM8fY+MESkf6eKmjFUudMbBoU4rtr9x04y5c7GrsNazemD7b74ZYJrDmg27zJ0wNaJwyAvMW3zVoLBsQaaKdFsIrgV2uR17s7NTlOZKSOCpvN3B2TJ+QZmNh3Sjw/LTWJMD9+CvRJIn/ozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMGHL3XvWMKLOR0gSRBolnrtJ1kqTEIvq6BwTno+7xudyPwKL2uqKSGAo94uhZ2sltJ3sg+YiAhMqYs2/XAPZYtkT6O1t/ZCsGqZEjjmVBnwiKXYha+vqHTPH2PjBEpH+nipoxVLnTGwaFOK7a/cdOMuXOxq7DWs3pg+2++GWCaw5oNu8ydMDWicMgLzFt81aCwbEGminRbCK4Fdrkde7OzU5TmSkjgqbzdwdkyfkGZjYd0o8Py01iTA/fgr0SSJ/6M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDBhy9171jCizkdIEkQaJZ66FDrTBWvxHMbISX3xVEUMlxixsqG2t0n5g3q9dthb/jid7IPmIgITKmLNv1wD2WLYzB89ManKcaZcZk3YmZ3/Dil2IWvr6h0zx9j4wRKR/p4qaMVS50xsGhTiu2v3HTjLlzsauw1rN6YPtvvhlgmsOaDbvMnTA1onDIC8xbfNWgsGxBpop0WwiuBXa5HXuzs1OU5kpI4Km83cHZMn5BmY2HdKPD8tNYkwP34K9Ekif+jOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwYcvde9Ywos5HSBJEGiWeu2128h7spSaikncYiogaQ57JPJwSURh5RQaAtEVCBtpYneyD5iICEypizb9cA9li23U4tsmMomMjVfzV544VUT4pdiFr6+odM8fY+MESkf6eKmjFUudMbBoU4rtr9x04y5c7GrsNazemD7b74ZYJrDmg27zJ0wNaJwyAvMW3zVoLBsQaaKdFsIrgV2uR17s7NTlOZKSOCpvN3B2TJ+QZmNh3Sjw/LTWJMD9+CvRJIn/ozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMGHL3XvWMKLOR0gSRBolnrjmSgnL9LhHi0LYlB/dKhUSNo+Kf6sTXZxOFEk9zeNO9J3sg+YiAhMqYs2/XAPZYtm3CASXAyH+1PnQWaAE6owaKXYha+vqHTPH2PjBEpH+nipoxVLnTGwaFOK7a/cdOMuXOxq7DWs3pg+2++GWCaw5oNu8ydMDWicMgLzFt81aCwbEGminRbCK4Fdrkde7OzU5TmSkjgqbzdwdkyfkGZjYd0o8Py01iTA/fgr0SSJ/6M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDBhy9171jCizkdIEkQaJZ67tAf8lGaJXeOpDzS7NCvpith0uZ+SHb9eHnH7I8limLSd7IPmIgITKmLNv1wD2WLai667S3kAzH7oP3l31IRZHil2IWvr6h0zx9j4wRKR/p4qaMVS50xsGhTiu2v3HTjLlzsauw1rN6YPtvvhlgmsOaDbvMnTA1onDIC8xbfNWgsGxBpop0WwiuBXa5HXuzs1OU5kpI4Km83cHZMn5BmY2HdKPD8tNYkwP34K9Ekif+jOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwYcvde9Ywos5HSBJEGiWeumYVIg1O5WoJM5377HcMOfuol1EpMCWxPWgutn9a0p30neyD5iICEypizb9cA9li2uezVqoSWFVpoa/1UnghOy4pdiFr6+odM8fY+MESkf6eKmjFUudMbBoU4rtr9x04y5c7GrsNazemD7b74ZYJrDmg27zJ0wNaJwyAvMW3zVoLBsQaaKdFsIrgV2uR17s7NTlOZKSOCpvN3B2TJ+QZmNh3Sjw/LTWJMD9+CvRJIn/ozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMGHL3XvWMKLOR0gSRBolnrrQ9G1rUD5miVCLugWJZzGuX/wyTGl6fEzjCEat64oLSJ3sg+YiAhMqYs2/XAPZYtkPy+5+jTmUcDrTB6k5Dj0WKXYha+vqHTPH2PjBEpH+nipoxVLnTGwaFOK7a/cdOMuXOxq7DWs3pg+2++GWCaw5oNu8ydMDWicMgLzFt81aCwbEGminRbCK4Fdrkde7OzU5TmSkjgqbzdwdkyfkGZjYd0o8Py01iTA/fgr0SSJ/6M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDBhy9171jCizkdIEkQaJZ64zrLTxoGdxs8fYz9Emv2QeJUmnhUvjq9yDwaL/D3Lsyid7IPmIgITKmLNv1wD2WLY+MOKq7uOR/ti1s0ru95uMil2IWvr6h0zx9j4wRKR/p4qaMVS50xsGhTiu2v3HTjLlzsauw1rN6YPtvvhlgmsOaDbvMnTA1onDIC8xbfNWgsGxBpop0WwiuBXa5HXuzs1OU5kpI4Km83cHZMn5BmY2HdKPD8tNYkwP34K9Ekif+jOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwYcvde9Ywos5HSBJEGiWeu846XKGvVzH6HogkP4hQMQN42tYLl1dAZ4DNRBZMMLNoneyD5iICEypizb9cA9li22lAd5MPKpXUoTah78/Ab74pdiFr6+odM8fY+MESkf6eKmjFUudMbBoU4rtr9x04y5c7GrsNazemD7b74ZYJrDmg27zJ0wNaJwyAvMW3zVoLBsQaaKdFsIrgV2uR17s7NTlOZKSOCpvN3B2TJ+QZmNh3Sjw/LTWJMD9+CvRJIn/ozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMGHL3XvWMKLOR0gSRBolnrltUt3m/E1acegk6mQAjiSLxGO8dn+s94aPago6Ry5uhJ3sg+YiAhMqYs2/XAPZYtsNcNNurR21v7p72Agzhd3OKXYha+vqHTPH2PjBEpH+nipoxVLnTGwaFOK7a/cdOMuXOxq7DWs3pg+2++GWCaw5oNu8ydMDWicMgLzFt81aCwbEGminRbCK4Fdrkde7OzU5TmSkjgqbzdwdkyfkGZjYd0o8Py01iTA/fgr0SSJ/6M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDBhy9171jCizkdIEkQaJZ67QwdGRP5aGpKK0oLmmPFv5D0RGxVKnQuzKDVao/Vjoeid7IPmIgITKmLNv1wD2WLbdTi2yYyiYyNV/NXnjhVRPil2IWvr6h0zx9j4wRKR/p4qaMVS50xsGhTiu2v3HTjLlzsauw1rN6YPtvvhlgmsOaDbvMnTA1onDIC8xbfNWgsGxBpop0WwiuBXa5HXuzs1OU5kpI4Km83cHZMn5BmY2HdKPD8tNYkwP34K9Ekif+jOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwYcvde9Ywos5HSBJEGiWeu4eAFa73xcHBUfHz5evshSATlC3JmZXaMDF/HYZgz1d4neyD5iICEypizb9cA9li2dRU+O+ck64fAFZbIXw3Ht4pdiFr6+odM8fY+MESkf6eKmjFUudMbBoU4rtr9x04y5c7GrsNazemD7b74ZYJrDmg27zJ0wNaJwyAvMW3zVoLBsQaaKdFsIrgV2uR17s7NTlOZKSOCpvN3B2TJ+QZmNh3Sjw/LTWJMD9+CvRJIn/ozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMGHL3XvWMKLOR0gSRBolnrpmFSINTuVqCTOd++x3DDn7z8eamZP8gAgFlyiiNMs6NJ3sg+YiAhMqYs2/XAPZYtn02Cy1Qprak6Qf+FQTya/6KXYha+vqHTPH2PjBEpH+nipoxVLnTGwaFOK7a/cdOMuXOxq7DWs3pg+2++GWCaw5oNu8ydMDWicMgLzFt81aCwbEGminRbCK4Fdrkde7OzU5TmSkjgqbzdwdkyfkGZjYd0o8Py01iTA/fgr0SSJ/6M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDBhy9171jCizkdIEkQaJZ64FMg6mtEuBMdLuSA4X1DQHLGzBrvyS5Kh51nLR+KOpryd7IPmIgITKmLNv1wD2WLbU4u05W3tfOsCQ4WlGBlkcil2IWvr6h0zx9j4wRKR/p4qaMVS50xsGhTiu2v3HTjLlzsauw1rN6YPtvvhlgmsOaDbvMnTA1onDIC8xbfNWgsGxBpop0WwiuBXa5HXuzs1OU5kpI4Km83cHZMn5BmY2HdKPD8tNYkwP34K9Ekif+jOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwYcvde9Ywos5HSBJEGiWeuuA+ScFc54BgkvipuTtAmvNeVWzH9dBd1N8ahXbhoIDgneyD5iICEypizb9cA9li2a8RbdFHv4dgEj5e4jbfIfYpdiFr6+odM8fY+MESkf6eKmjFUudMbBoU4rtr9x04y5c7GrsNazemD7b74ZYJrDmg27zJ0wNaJwyAvMW3zVoLBsQaaKdFsIrgV2uR17s7NTlOZKSOCpvN3B2TJ+QZmNh3Sjw/LTWJMD9+CvRJIn/ozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMGHL3XvWMKLOR0gSRBolnrpGy4q1F688MSNtmRbg7klQZBZ7cPvjZl99VRS6v1CkfJ3sg+YiAhMqYs2/XAPZYtlRcaXVYYfOXVFw0jb8yYziKXYha+vqHTPH2PjBEpH+nipoxVLnTGwaFOK7a/cdOMuXOxq7DWs3pg+2++GWCaw5oNu8ydMDWicMgLzFt81aCwbEGminRbCK4Fdrkde7OzU5TmSkjgqbzdwdkyfkGZjYd0o8Py01iTA/fgr0SSJ/6M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDBhy9171jCizkdIEkQaJZ67ahxyMFdIg1EHmZSrFOWdNdCEWFS/x5WWlE/mnD7PWryd7IPmIgITKmLNv1wD2WLbKVrligNyf20JzfDkN7DtCil2IWvr6h0zx9j4wRKR/p4qaMVS50xsGhTiu2v3HTjLlzsauw1rN6YPtvvhlgmsOaDbvMnTA1onDIC8xbfNWgsGxBpop0WwiuBXa5HXuzs1OU5kpI4Km83cHZMn5BmY2HdKPD8tNYkwP34K9Ekif+jOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwYcvde9Ywos5HSBJEGiWeuSXo690sIeS4DOJoocVsc9FwvYwMCrbjiWJGiPPR5qMoneyD5iICEypizb9cA9li2ho5pD2L4xULqb+JeY4ztvopdiFr6+odM8fY+MESkf6eKmjFUudMbBoU4rtr9x04y5c7GrsNazemD7b74ZYJrDmg27zJ0wNaJwyAvMW3zVoLBsQaaKdFsIrgV2uR17s7NTlOZKSOCpvN3B2TJ+QZmNh3Sjw/LTWJMD9+CvRJIn/ozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMGHL3XvWMKLOR0gSRBolnrtCFxJXRXOx5coFnHUYgGiwzezynk1Quw/WmP4xD8UUAJ3sg+YiAhMqYs2/XAPZYtlIIR/ouDjVqyJN6mc9Wg/CKXYha+vqHTPH2PjBEpH+nipoxVLnTGwaFOK7a/cdOMuXOxq7DWs3pg+2++GWCaw5oNu8ydMDWicMgLzFt81aCwbEGminRbCK4Fdrkde7OzU5TmSkjgqbzdwdkyfkGZjYd0o8Py01iTA/fgr0SSJ/6M5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDBhy9171jCizkdIEkQaJZ67UMM4dTpydgKnlbuS8lPOxQSFAgMvKe2rkocA4rPhi7Sd7IPmIgITKmLNv1wD2WLYl16uDcitihi4Vro7m/xxQil2IWvr6h0zx9j4wRKR/p4qaMVS50xsGhTiu2v3HTjLlzsauw1rN6YPtvvhlgmsOaDbvMnTA1onDIC8xbfNWgsGxBpop0WwiuBXa5HXuzs1OU5kpI4Km83cHZMn5BmY2HdKPD8tNYkwP34K9Ekif+jOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwYcvde9Ywos5HSBJEGiWeu8cs6cZs4vt/jFSMrxZxw5GUslz3JbmGm7sep+WgDrPsneyD5iICEypizb9cA9li2ouuu0t5AMx+6D95d9SEWR4pdiFr6+odM8fY+MESkf6eKmjFUudMbBoU4rtr9x04y5c7GrsNazemD7b74ZYJrDmg27zJ0wNaJwyAvMW3zVoLBsQaaKdFsIrgV2uR17s7NTlOZKSOCpvN3B2TJ+QZmNh3Sjw/LTWJMD9+CvRJIn/ozkNYn29bLc66sfsN1jWgMM5DWJ9vWy3OurH7DdY1oDDOQ1ifb1stzrqx+w3WNaAwzkNYn29bLc66sfsN1jWgMGHL3XvWMKLOR0gSRBolnrogUpMrwmU5YYxM+0CyYtvEwjvrFKfTntSJ+Ycmr1fo9J3sg+YiAhMqYs2/XAPZYtsxutx2Rv1OgFFdq6DXRBSmKXYha+vqHTPH2PjBEpH+nipoxVLnTGwaFOK7a/cdOMuXOxq7DWs3pg+2++GWCaw5oNu8ydMDWicMgLzFt81a

Licensing Data-->
Software licensing service version: 6.0.6002.18005
Name: Windows(TM) Vista, HomePremium edition
Description: Windows Operating System - Vista, OEM_SLP channel
Activation ID: bffdc375-bbd5-499d-8ef1-4f37b61c895f
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 89583-00146-321-500204-02-2057-6001.0000-0272009
Installation ID: 020752770584243710966316936263305322772575170515687184
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43473
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43474
Use License URL: http://go.microsoft.com/fwlink/?LinkID=43476
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43475
Partial Product Key: B9HD2
License Status: Licensed

Windows Activation Technologies-->
N/A

HWID Data-->
HWID Hash Current: OgAAAAIABAABAAEAAgACAAAAAgABAAEAonYaf/zzbYY2+OhlRryENEKtArflZvL0mojqt6r+rFbqgg==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20000
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC DELL FX09
FACP DELL FX09
HPET DELL OEMHPET
MCFG DELL OEMMCFG
SLIC DELL FX09
OSFR DELL FX09
OEMB DELL FX09
SSDT DpgPmm CpuPm