Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

malware removed then PC running really slow

Started by gasmanuk , Jun 22 2011 01:58 PM

  • Please log in to reply

#1
gasmanuk
Posted 22 June 2011 - 01:58 PM

gasmanuk

    Member

  • Member
  • PipPip
  • 42 posts
Hi Guys
I seem to have a problem with malware or virus I can’t be sure. I keep getting Trojans and not long ago had a blue screen fault. After running malwarebytes and AVG they stopped but my PC and internet explorer especially run really slow. I’m just assuming its a malware problem and not hardware as the its just happened around the same time as the malware problem

Thanks for your help in advance


OTL logfile created on: 22/06/2011 20:39:24 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.17% Memory free
4.22 Gb Paging File | 2.55 Gb Available in Paging File | 60.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 325.33 Gb Total Space | 97.55 Gb Free Space | 29.99% Space Free | Partition Type: NTFS
Drive D: | 10.02 Gb Total Space | 1.36 Gb Free Space | 13.54% Space Free | Partition Type: NTFS
Drive E: | 180.65 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 449.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 1863.01 Gb Total Space | 1812.42 Gb Free Space | 97.28% Space Free | Partition Type: NTFS

Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/22 20:36:56 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.exe
PRC - [2011/03/15 09:14:20 | 002,071,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2011/01/05 23:23:48 | 000,222,568 | ---- | M] (Teruten) -- C:\WINDOWS\System32\FsUsbExService.Exe
PRC - [2011/01/05 23:19:02 | 003,370,296 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2010/12/21 08:48:50 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe
PRC - [2010/11/24 14:11:22 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/09/28 00:03:24 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/07/23 09:19:15 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/07/20 23:48:17 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/07/20 23:48:12 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/07/20 23:47:25 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/01/20 17:49:04 | 000,308,640 | ---- | M] (Panasonic Corporation) -- C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
PRC - [2009/10/11 05:17:45 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/08/30 19:13:55 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\service\st330service.exe
PRC - [2008/01/19 08:33:27 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
PRC - [2008/01/15 11:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007/06/15 13:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
PRC - [2007/04/18 16:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/04/13 17:55:34 | 000,288,256 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Portrait Displays\forteManager\dthtml.exe
PRC - [2007/04/13 17:53:40 | 000,073,728 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2007/04/13 17:52:54 | 000,110,592 | ---- | M] (Portrait Displays Inc.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
PRC - [2007/02/15 12:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/11/02 13:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wpcumi.exe
PRC - [2006/09/28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/24 07:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\System32\StkASv2K.exe


========== Modules (SafeList) ==========

MOD - [2011/06/22 20:36:56 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.exe
MOD - [2010/08/31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
MOD - [2010/07/20 23:49:14 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (RPCER) Remote Procedure Call (HNM)
SRV - [2011/01/05 23:23:48 | 000,222,568 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/07/23 09:19:15 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/07/20 23:47:25 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2008/08/30 19:13:55 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) [Auto | Running] -- C:\Program Files\Thomson\ST330\service\st330service.exe -- (st330service)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/15 13:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\System32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2007/04/13 17:53:40 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2006/09/28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/24 07:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\WINDOWS\System32\StkASv2K.exe -- (StkASSrv)


========== Driver Services (SafeList) ==========

DRV - [2011/05/06 10:12:09 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2011/01/05 23:23:40 | 000,042,112 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/12/21 06:55:02 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/12/21 06:55:02 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2010/12/21 06:55:02 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/07/20 23:49:01 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/07/20 23:48:59 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2008/09/26 13:30:54 | 000,651,264 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2008/07/28 18:19:28 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/04/11 22:45:36 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\st330.sys -- (ST330)
DRV - [2008/04/11 22:45:36 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\stbus.sys -- (STBUS)
DRV - [2008/04/11 22:17:22 | 000,035,328 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\stppp.sys -- (stppp)
DRV - [2008/02/14 06:56:02 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006/11/16 17:20:48 | 000,015,920 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\PdiPorts.sys -- (PdiPorts)
DRV - [2006/09/27 04:01:36 | 000,241,628 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006/08/02 07:44:04 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StkScan.sys -- (StkScan)
DRV - [2006/02/20 20:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2005/09/24 00:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MarvinBus.sys -- (MarvinBus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ario&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ario&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/26 06:39:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/09 22:41:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/05/09 22:42:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions
[2011/05/09 22:44:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\pkq8i87a.default\extensions
[2011/05/09 22:41:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\USERS\PAUL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PKQ8I87A.DEFAULT\EXTENSIONS\{DA8BD68D-8E90-41CD-8345-A71B294E72E6}.XPI
[2009/09/02 21:14:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/04/14 17:41:09 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll (BitComet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\FMV5\msdxm.ocx (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DT LGE] C:\Program Files\Portrait Displays\forteManager\DTHtml.exe (Portrait Displays, Inc)
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [NBKeyScan] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [WPCUMI] C:\WINDOWS\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] File not found
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - File not found
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll (BitComet)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1B735B98-8010-11D5-AD0B-00500463D885} http://www.partsaren...IMIESRCHie7.cab (SearchCD Control)
O16 - DPF: {36C17E9B-3354-11D1-95CF-0000B4530F04} http://www.partsaren...ins/GFXVIEW.cab (GrafixViewControl)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Program Files\FMV5\msdxm.ocx (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Paul\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Paul\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/03 20:55:33 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/02/28 15:22:47 | 000,000,000 | ---D | M] - E:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2005/02/18 16:21:08 | 000,327,680 | R--- | M] () - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2005/02/10 18:59:44 | 000,000,051 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010/12/06 13:52:16 | 000,000,000 | RH-D | M] - K:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 19:56:50 | 000,000,036 | RH-- | M] () - K:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{5747bd5f-07f5-11dd-9dc8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5747bd5f-07f5-11dd-9dc8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2005/02/18 16:21:08 | 000,327,680 | R--- | M] ()
O33 - MountPoints2\{a422254f-7e6d-11df-a590-a6c0388bc0de}\Shell - "" = AutoRun
O33 - MountPoints2\{a422254f-7e6d-11df-a590-a6c0388bc0de}\Shell\AutoRun\command - "" = L:\iStudio.exe
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/20 20:58:59 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011/06/19 15:45:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{80368266-1363-4997-B427-02AC780B1ED4}
[2011/06/19 15:41:48 | 000,000,000 | ---D | C] -- C:\ProgramData\eE28258CoOcJ28258
[2 C:\Users\Paul\*.tmp files -> C:\Users\Paul\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Paul\AppData\Local\*.tmp files -> C:\Users\Paul\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/22 20:40:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{DC7EC6D7-C97F-449F-84F2-85E1476C69B4}.job
[2011/06/22 20:27:23 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/06/22 20:27:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/22 20:22:32 | 000,003,696 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/22 20:22:32 | 000,003,696 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/22 20:15:06 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/22 11:15:58 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/22 11:15:58 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/22 09:54:16 | 078,401,855 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011/06/20 22:22:36 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011/06/20 22:22:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/20 22:22:22 | 2138,431,488 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/20 22:01:07 | 000,084,156 | ---- | M] () -- C:\Users\Paul\Documents\ram2.pdf
[2011/06/20 22:00:12 | 000,062,474 | ---- | M] () -- C:\Users\Paul\Documents\ram.pdf
[2011/06/19 16:39:18 | 000,000,690 | ---- | M] () -- C:\Users\Paul\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/06/19 15:46:42 | 000,000,000 | ---- | M] () -- C:\Users\Paul\AppData\Local\Gdatisohunirum.bin
[2011/06/13 16:26:52 | 000,000,680 | ---- | M] () -- C:\Users\Paul\AppData\Local\d3d9caps.dat
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/26 14:59:05 | 000,077,824 | ---- | M] () -- C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/24 22:46:28 | 220,445,914 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2 C:\Users\Paul\*.tmp files -> C:\Users\Paul\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Paul\AppData\Local\*.tmp files -> C:\Users\Paul\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/20 22:01:07 | 000,084,156 | ---- | C] () -- C:\Users\Paul\Documents\ram2.pdf
[2011/06/20 22:00:12 | 000,062,474 | ---- | C] () -- C:\Users\Paul\Documents\ram.pdf
[2011/05/11 14:41:19 | 000,000,990 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\systemfl.$dk
[2011/04/03 15:25:45 | 000,000,034 | -H-- | C] () -- C:\Windows\System32\VideoConverter_sysquict.dat
[2011/04/03 14:59:44 | 000,011,438 | -HS- | C] () -- C:\Users\Paul\AppData\Local\704g2smt3les0vhg27bh254kl6878srlwy60
[2011/04/03 14:59:44 | 000,011,438 | -HS- | C] () -- C:\ProgramData\704g2smt3les0vhg27bh254kl6878srlwy60
[2011/02/21 23:11:09 | 000,000,130 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\wklnhst.dat
[2011/01/12 12:58:54 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011/01/12 12:58:54 | 000,042,112 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011/01/04 17:10:58 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/01/04 17:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/01/04 17:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/01/04 17:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/01/04 17:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010/11/15 15:02:40 | 000,015,312 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2010/10/11 14:05:55 | 000,000,120 | ---- | C] () -- C:\Users\Paul\AppData\Local\Obetab.dat
[2010/10/11 14:05:55 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\Gdatisohunirum.bin
[2010/06/02 10:51:59 | 000,000,552 | ---- | C] () -- C:\Users\Paul\AppData\Local\d3d8caps.dat
[2010/05/11 11:55:55 | 000,007,136 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2010/03/15 12:55:49 | 000,161,452 | ---- | C] () -- C:\Windows\hpoins46.dat.temp
[2010/03/15 12:55:49 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2010/02/03 11:58:49 | 000,205,868 | ---- | C] () -- C:\Windows\hpoins46.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/11 04:02:28 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2008/08/30 18:24:20 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/08/30 18:24:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/08/05 23:08:43 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/06/21 21:43:33 | 000,000,680 | ---- | C] () -- C:\Users\Paul\AppData\Local\d3d9caps.dat
[2008/06/01 18:14:11 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2008/04/13 18:21:14 | 000,047,104 | ---- | C] () -- C:\Windows\System32\Wh2Robo.dll
[2008/04/11 22:13:14 | 000,077,824 | ---- | C] () -- C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/25 16:56:08 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1461.dll
[2007/12/03 20:46:09 | 000,102,451 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/12/03 20:40:29 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1332.dll
[2007/12/03 20:30:59 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe
[2007/12/03 20:28:36 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2007/12/03 20:28:36 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 002,337,168 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,608,760 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,108,268 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/10/20 23:58:52 | 000,090,112 | ---- | C] () -- C:\Windows\System32\vspxvfw.dll
[2005/09/01 15:20:46 | 000,524,288 | ---- | C] () -- C:\Windows\System32\vspxcore.dll
[2004/06/12 16:55:32 | 000,274,432 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2004/06/12 16:55:32 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LameEncShim.dll

========== LOP Check ==========

[2009/09/12 09:15:44 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Atari
[2010/10/22 17:04:55 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\BDA3C1DB7961FD695B72E72BF51EFE51
[2011/04/03 15:51:52 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ImTOO
[2009/09/12 09:09:54 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Leadertech
[2008/04/22 12:59:45 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\muvee Technologies
[2009/01/25 15:21:21 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Publish Providers
[2011/01/12 12:56:39 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Samsung
[2011/01/23 15:22:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Sony
[2008/09/14 17:59:22 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Sports Interactive
[2009/07/05 15:07:34 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\TeamViewer
[2011/02/21 23:11:11 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Template
[2010/04/20 22:00:59 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Ulead Systems
[2011/01/14 14:17:10 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\uTorrent
[2008/07/05 13:28:11 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\WinBatch
[2011/06/20 22:20:10 | 000,032,626 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011/06/22 20:40:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DC7EC6D7-C97F-449F-84F2-85E1476C69B4}.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2010/08/06 21:59:18 | 000,000,000 | ---D | M](C:\Users\Paul\AppData\Roaming\???????sAppData) -- C:\Users\Paul\AppData\Roaming\敎潲䍄敔灭慬整sAppData
[2010/08/06 21:59:18 | 000,000,000 | ---D | M](C:\Users\Paul\AppData\Roaming\???????sAppData) -- C:\Users\Paul\AppData\Roaming\敎潲䍄敔灭慬整sAppData
(C:\Users\Paul\AppData\Roaming\???????sAppData) -- C:\Users\Paul\AppData\Roaming\敎潲䍄敔灭慬整sAppData

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Paul\Desktop\Michael Jackson - Thriller [1983][SkidVid]_XviD.avi:TOC.WMV
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:9A2B2B2D
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:364682BC

< End of report >
OTL Extras logfile created on: 22/06/2011 20:39:24 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.17% Memory free
4.22 Gb Paging File | 2.55 Gb Available in Paging File | 60.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 325.33 Gb Total Space | 97.55 Gb Free Space | 29.99% Space Free | Partition Type: NTFS
Drive D: | 10.02 Gb Total Space | 1.36 Gb Free Space | 13.54% Space Free | Partition Type: NTFS
Drive E: | 180.65 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 449.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 1863.01 Gb Total Space | 1812.42 Gb Free Space | 97.28% Space Free | Partition Type: NTFS

Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021F92D6-9544-4BEB-9212-1D6FEA118C36}" = lport=138 | protocol=17 | dir=in | app=system |
"{3305C6E4-A29F-4384-94CD-5C3FB7193B78}" = rport=138 | protocol=17 | dir=out | app=system |
"{3A79F906-50BA-4ADE-B55F-F3A2DC4CEC2B}" = rport=137 | protocol=17 | dir=out | app=system |
"{40F101A3-8544-4F08-9A54-FDEEFBE92115}" = rport=445 | protocol=6 | dir=out | app=system |
"{65E632F9-27EC-437C-AF0E-909523A04AC2}" = lport=137 | protocol=17 | dir=in | app=system |
"{758A6DE4-03C8-4C1A-BDE8-156719B47CC5}" = lport=139 | protocol=6 | dir=in | app=system |
"{7D95C098-169A-4BCB-82D4-109BA01ADB1C}" = rport=139 | protocol=6 | dir=out | app=system |
"{9F9E5639-F23C-434F-B8E0-43748DD5EA5E}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{BE122C84-D6D4-49C6-9E85-04A1ACB9C54F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E00E2647-1903-4F36-B2DC-D43B7F1FE3F5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E9A979E0-4807-40C4-BF41-C9C8AC418C71}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{EC98FD83-CD9D-4580-8BAC-05BC63A9D77A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FD153643-59E1-4C45-99AC-04E0CD795C66}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FEB12D-DADF-4520-B97E-00DBA67B2366}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{0587FEB1-3D27-4CA1-A40F-EE58257ED734}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{06117C50-16BC-444A-949A-204A1C1EB006}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe |
"{128ADD73-7E80-44B9-BEDC-D7E08B93923E}" = protocol=17 | dir=in | app=c:\users\paul\appdata\local\temp\installer.exe |
"{13DD1FB4-6262-488F-9551-FBF8849476C5}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{15730D04-F0D5-4D23-82F6-6B1A5DAD30BC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1843A19E-46AF-4129-9A6F-26BCD9752C7F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{266EA0BF-E782-40FA-851A-6C9B184699A5}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{29BCD5E1-46E6-4980-9F92-CA1D5A28D9F3}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{2EADB3C6-0D59-4309-BC94-B1FAA23CB638}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3760455D-E8EC-4509-8DA1-0017ABDC9BB6}" = protocol=1 | dir=in | [email protected],-28543 |
"{3785D4D1-807D-44E8-B875-80F73284A7A9}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{388DF019-7479-4FAC-8622-DD128E2C1208}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{41A90CB4-B80E-4CE8-B0E5-34A9DBBD1EB0}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{4DAC2819-7F24-4CA7-9578-22B92B7935EB}" = protocol=17 | dir=in | app=c:\program files\ea games\the battle for middle-earth ™\game.dat |
"{5212F931-5A26-4D52-A63B-173DA90AAC2F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{5B277D3C-DD3B-4E22-819E-608789C13627}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{617F2778-EEC8-4F12-80C2-77337BD9758C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{630AAB0E-3898-463B-860A-02C73D4AF7AB}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{63371822-78AB-4D6E-A7E8-ED0BD5115A72}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{64590FC7-A82E-4E64-86B1-BB7241F14709}" = protocol=6 | dir=in | app=c:\program files\gigatribe\gigatribe_3x.exe |
"{649E1B31-D172-4E11-9991-2B6BE0E822B3}" = protocol=58 | dir=in | [email protected],-28545 |
"{66100F38-9030-4D18-ABF5-3F02C749C435}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{69A2769C-9DA6-4E4D-A21A-C71D2DFF8FA1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{7A86C764-7654-4C8F-BE19-10AC32BAAF57}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\umi.exe |
"{7D5F563E-98CE-4F1F-9A67-CF54B8F0DB77}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{84EDA7CF-5147-4F95-A02A-6D2194623640}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{8636B9A1-D64B-40EE-805C-77FBE5F160C9}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{8A63E9A5-8264-4E4F-93CD-9C0EF66E35EE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{92C4C22E-1AF2-4D1B-ADD4-A54B566376C1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{96DAA289-8340-4470-BF56-8AD678ACCA6B}" = protocol=17 | dir=in | app=c:\program files\thomson\st330\service\st330service.exe |
"{982A235A-5F11-42E1-A5A1-A08EAD6B500B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B2FFD31B-FE26-47FB-8537-89E9BEB8D1DE}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{B424ADA0-F1EB-4EC4-9B11-7258EDF209F4}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{BA6F4DFD-2ACE-433F-AC8E-A6CD8E77CB08}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BB3C1E19-96E4-4AC3-9514-8A24AF4099A7}" = protocol=1 | dir=out | [email protected],-28544 |
"{BD4095E3-C1B5-45A8-9240-7F36DC6F9820}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{BF212322-557D-4D70-930C-11380AE1AA08}" = protocol=6 | dir=in | app=c:\program files\thomson\st330\service\st330service.exe |
"{C20C2EA7-1008-46FB-9777-0675BE1AC24F}" = protocol=17 | dir=in | app=c:\program files\gigatribe\gigatribe_3x.exe |
"{CA9F06AF-D34F-4927-B5B3-CEDDB3D0BAD1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{CB3CFE4C-FE2D-435E-800B-64A31EA1E8C7}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{D28EE086-6212-49E3-9C85-450D649B2F31}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{D76E3C93-701C-4C6D-8D08-D16B84CD709C}" = protocol=58 | dir=out | [email protected],-28546 |
"{D7978400-FB05-49A6-A317-6FE02CD7C06F}" = protocol=6 | dir=in | app=c:\users\paul\appdata\local\temp\installer.exe |
"{DF5CDE54-FC0E-435D-9D7C-EEF53C5E78F1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{E2DDECD7-C661-4FB9-B7A8-9494238911C3}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 12\programs\rm.exe |
"{E601665F-A1DC-48B2-BED7-AEC5DBA12594}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{E87F4BED-E303-4A84-98DC-EC48ECDD95BB}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{EE9F108C-092B-477D-AEBB-4AED3AE66A98}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 12\programs\studio.exe |
"{EF2D1272-F630-4D8B-AFB2-EFEBC5FFFED6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{EF363919-9720-40B0-A763-6859EDEAAAA1}" = protocol=6 | dir=in | app=c:\program files\ea games\the battle for middle-earth ™\game.dat |
"{EF6448AA-DF5B-446D-9316-454678B70E17}" = dir=in | app=c:\users\paul\appdata\local\temp\7zs390d\setup\hpznui01.exe |
"{F788A8D7-A312-426F-86F8-5F0A6E776773}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F81F9619-98A7-4E8D-88A2-D32B02454E77}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{FA08AE5E-DB9E-4696-BB69-69EDC5BD1DE8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FB24DDA2-3704-49E9-B187-897F1286457D}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"TCP Query User{635EEC0A-8B56-49F7-B825-064438464934}C:\program files\gigatribe\gigatribe.exe" = protocol=6 | dir=in | app=c:\program files\gigatribe\gigatribe.exe |
"TCP Query User{CBF47CAD-5A66-4000-8714-4D59DED803F2}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{2B8F48AF-7A3A-4A2F-9892-DE29293B675E}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{B8BC88BD-B034-4696-BF86-B5CFAE3A1392}C:\program files\gigatribe\gigatribe.exe" = protocol=17 | dir=in | app=c:\program files\gigatribe\gigatribe.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}" = HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1883A84D-94AA-432C-9519-FA31B6B118B9}" = forteManager
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22420BF3-340F-4380-B14F-86397AD0AA5B}" = FMV V5.99a
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22FB6750-ADDF-4726-B67F-6901E1991033}" = Nero 7 Ultra Edition
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376AAB2-F4D9-48D7-A42B-4E80B8967A8B}" = F4500
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 17
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4EE9A620-46A0-4BCF-82AC-950D2BBED982}" = Belkin Wireless USB Adapter Setup
"{56415658-366E-4E28-A6BD-68EC63E560E0}" = Vegas Pro 9.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Driver
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83EC8AE9-53A6-474D-95AF-8F5116CC9C4E}" = 3D Home Architect Design Suite Deluxe 8
"{84639CB3-04D4-4758-B1D0-82E531D21F59}" = HD Writer AE 2.0
"{85498904-0748-45AA-9482-6DB8EA971B91}" = DJ_AIO_06_F4500_SW_MIN
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AFAD41A9-9687-48A3-848F-693C11451433}" = HP Customer Experience Enhancements
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E6CFBFB5-9232-410C-B353-AF6E614B2681}" = LightScribe System Software 1.10.16.1
"{E8C2622C-9FF1-4F60-8008-A0208154F9F3}" = muvee autoProducer 6.1
"{e96b3d28-47d6-43cc-98fd-7069eeab6b11}" = HP Total Care Advisor
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"A123 AVI MPEG WMV ASF MOV FLV to Mp4 Converter_is1" = A123 AVI MPEG WMV ASF MOV FLV to Mp4 Converter 1.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"AVG9Uninstall" = AVG Free 9.0
"BitComet" = BitComet 1.09
"c474c3891a130b8bd0297680e91988cd308463113" = Football Manager 2007
"CleanUp!" = CleanUp!
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"FLV Player" = FLV Player 2.0 (build 25)
"Google Updater" = Google Updater
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HyperCam 2" = HyperCam 2
"HyperCam Toolbar" = HyperCam Toolbar
"ImTOO Video Converter Ultimate 6" = ImTOO Video Converter Ultimate 6
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{83EC8AE9-53A6-474D-95AF-8F5116CC9C4E}" = 3D Home Architect Design Suite Deluxe 8
"Magic ISO Maker v5.5 (build 0259)" = Magic ISO Maker v5.5 (build 0259)
"MagicDisc 2.7.105" = MagicDisc 2.7.105
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0.1 (x86 en-GB)" = Mozilla Firefox 4.0.1 (x86 en-GB)
"MpcStar" = MpcStar 1.9
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"Paint Shop Pro 6" = Paint Shop Pro 6.02 CD
"ShalSoft.GigaTribe_is1" = GigaTribe 3.01.007
"Shop for HP Supplies" = Shop for HP Supplies
"SpeedTouch 330" = SpeedTouch 330
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Messenger" = Yahoo! Messenger
"YASA MP4 Video Converter v3.2 (build 0051)" = YASA MP4 Video Converter v3.2 (build 0051)
"ZoomPlayer" = Zoom Player (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 19/06/2011 17:03:48 | Computer Name = Paul-PC | Source = profsvc | ID = 1533
Description = Windows cannot delete the profile directory C:\Users\TEMP.Paul-PC.009.
This error may be caused by files in this directory being used by another program.
DETAIL - The directory is not empty.

Error - 20/06/2011 15:57:17 | Computer Name = Paul-PC | Source = VSS | ID = 8193
Description =

Error - 20/06/2011 15:57:17 | Computer Name = Paul-PC | Source = VSS | ID = 8194
Description =

Error - 20/06/2011 15:57:19 | Computer Name = Paul-PC | Source = VSS | ID = 8193
Description =

Error - 20/06/2011 16:15:42 | Computer Name = Paul-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6001.18639 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 17dc Start Time: 01cc2f85fe4ef8f0 Termination Time: 0

Error - 20/06/2011 17:23:12 | Computer Name = Paul-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 21/06/2011 19:13:05 | Computer Name = Paul-PC | Source = VSS | ID = 8193
Description =

Error - 22/06/2011 15:28:26 | Computer Name = Paul-PC | Source = VSS | ID = 8193
Description =

Error - 22/06/2011 15:28:27 | Computer Name = Paul-PC | Source = VSS | ID = 8194
Description =

Error - 22/06/2011 15:28:28 | Computer Name = Paul-PC | Source = VSS | ID = 8193
Description =

[ Media Center Events ]
Error - 16/04/2008 06:51:02 | Computer Name = Paul-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 18/04/2008 13:51:14 | Computer Name = Paul-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

[ OSession Events ]
Error - 10/02/2010 15:31:13 | Computer Name = Paul-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12710
seconds with 180 seconds of active time. This session ended with a crash.

Error - 27/07/2010 15:09:53 | Computer Name = Paul-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30809
seconds with 240 seconds of active time. This session ended with a crash.

Error - 08/08/2010 17:05:00 | Computer Name = Paul-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15182
seconds with 1080 seconds of active time. This session ended with a crash.

Error - 05/12/2010 10:57:51 | Computer Name = Paul-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 22519 seconds with 2820 seconds of active time. This session ended with
a crash.

[ System Events ]
Error - 19/06/2011 11:04:52 | Computer Name = Paul-PC | Source = DCOM | ID = 10010
Description =

Error - 19/06/2011 11:16:30 | Computer Name = Paul-PC | Source = HTTP | ID = 15016
Description =

Error - 19/06/2011 17:04:09 | Computer Name = Paul-PC | Source = DCOM | ID = 10010
Description =

Error - 20/06/2011 06:03:21 | Computer Name = Paul-PC | Source = DCOM | ID = 10010
Description =

Error - 20/06/2011 17:22:34 | Computer Name = Paul-PC | Source = HTTP | ID = 15016
Description =

Error - 21/06/2011 23:52:14 | Computer Name = Paul-PC | Source = DCOM | ID = 10010
Description =

Error - 22/06/2011 02:41:26 | Computer Name = Paul-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 9444527FE7FC. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 22/06/2011 02:47:39 | Computer Name = Paul-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 9444527FE7FC. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 22/06/2011 02:53:55 | Computer Name = Paul-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 9444527FE7FC. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 22/06/2011 03:55:15 | Computer Name = Paul-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 9444527FE7FC. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP