I did manage to install mbam and it found a few things
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4520
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928
01/09/2010 10:10:49
mbam-log-2010-09-01 (10-10-49).txt
Scan type: Quick scan
Objects scanned: 163747
Time elapsed: 7 minute(s), 51 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files (x86)\Uninstall Fun Web Products.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
but i still couldn't install any of the programs above.
I then used the downloadable superantispyware scanner and it found more things but I still cannot install any of the programs. Please help!
Whe I tried GMER most of the tick boxes were greyed out, so I couldn't tick all the boxes shown in the picture.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-09-01 17:41:10
Windows 6.0.6002 Service Pack 2
Running: gmer.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000c556e098f
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000c556e098f (not active ControlSet)
---- EOF - GMER 1.0.15 ----
OTL logfile created on: 01/09/2010 17:46:06 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\garvin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 68.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.20 Gb Total Space | 139.55 Gb Free Space | 63.96% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 6.91 Gb Free Space | 47.15% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 971.63 Mb Total Space | 401.59 Mb Free Space | 41.33% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LINDA-PC
Current User Name: garvin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
========== Processes (SafeList) ==========
PRC - C:\Users\garvin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe (Yahoo! Inc.)
PRC - C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
PRC - C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
========== Modules (SafeList) ==========
MOD - C:\Users\garvin\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (WAS) -- C:\Windows\SysNative\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV:64bit: - (simptcp) -- C:\Windows\SysNative\tcpsvcs.exe (Microsoft Corporation)
SRV:64bit: - (AppHostSvc) -- C:\Windows\SysNative\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (SNMP) -- C:\Windows\SysNative\snmp.exe (Microsoft Corporation)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (wltrysvc) -- C:\Windows\SysNative\WLTRYSVC.EXE ()
SRV:64bit: - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV:64bit: - (NtmsSvc) -- C:\Windows\SysNative\ntmssvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (iprip) -- C:\Windows\SysNative\iprip.dll (Microsoft Corporation)
SRV:64bit: - (CISVC) -- C:\Windows\SysNative\CISVC.EXE (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_64) -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (simptcp) -- C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (SNMP) -- C:\Windows\SysWOW64\snmp.exe (Microsoft Corporation)
SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (OA008Ufd) -- C:\Windows\SysNative\DRIVERS\OA008Ufd.sys (Creative Technology Ltd.)
DRV:64bit: - (OA008Vid) -- C:\Windows\SysNative\DRIVERS\OA008Vid.sys (Creative Technology Ltd.)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\BCM42RLY.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys (Broadcom Corporation)
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\DRIVERS\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (k57nd60a) Broadcom NetLink -- C:\Windows\SysNative\DRIVERS\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys (REDC)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\DRIVERS\rimspx64.sys (REDC)
DRV:64bit: - (e1express) Intel® -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (SASDIFSV) -- C:\Users\garvin\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV64.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Users\garvin\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL64.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (PCD5SRVC{048DBD20-445E8C82-05040104}) -- C:\Program Files (x86)\Dell Support Center\HWDiag\bin\pcd5srvc_x64.pkms (PC-Doctor, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E3 92 C2 34 0E 8F CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/08/31 18:03:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/08/26 13:19:34 | 000,000,000 | ---D | M]
[2010/09/01 10:26:29 | 000,000,000 | ---D | M] -- C:\Users\linda\AppData\Roaming\Mozilla\Extensions
[2010/09/01 11:19:08 | 000,000,000 | ---D | M] -- C:\Users\garvin\AppData\Roaming\mozilla\Firefox\Profiles\4i3e6bnp.default\extensions
[2010/09/01 11:19:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\garvin\AppData\Roaming\mozilla\Firefox\Profiles\4i3e6bnp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/29 18:26:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/29 18:26:36 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/03/16 19:27:25 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/08/14 20:50:42 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
[2010/03/16 19:27:25 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/16 19:27:25 | 000,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/16 19:27:25 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2006/09/18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O2 - BHO: (TheFreeDictionarycom Toolbar) - {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (Search Assistant) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files (x86)\SGPSA\BHO.dll (MTWB)
O2 - BHO: (Fast Browser Search Toolbar Helper) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Fast Browser Search\IE\FBStoolbar.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn7\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (myBabylon English Toolbar) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TheFreeDictionarycom Toolbar) - {d1e06b91-60e6-4492-af9f-53043fa32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn7\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Fast Browser Search Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Fast Browser Search\IE\FBStoolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (myBabylon English Toolbar) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - C:\Program Files (x86)\myBabylon_English\tbmyBa.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (TheFreeDictionarycom Toolbar) - {D1E06B91-60E6-4492-AF9F-53043FA32716} - C:\Program Files (x86)\TheFreeDictionarycom\tbTheF.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe File not found
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe File not found
O4 - HKLM..\Run: [YMailAdvisor] C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe (Yahoo! Inc.)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\SysWow64\p2phost.exe File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\garvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found
O4 - Startup: C:\Users\garvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 23:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2009/07/03 10:48:52 | 000,586,212 | ---- | M] () - F:\Autoruns.zip -- [ FAT ]
O33 - MountPoints2\{abf1407b-70cb-11de-909a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{abf1407b-70cb-11de-909a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\MSWorks\autorun.exe -- File not found
O33 - MountPoints2\{b6a9069e-e1b8-11de-9d66-002219f61ee1}\Shell\AutoRun\command - "" = F:\.\Vado\Vado.exe -- File not found
O33 - MountPoints2\{d4624843-9969-11de-8f65-002219f61ee1}\Shell\AutoRun\command - "" = F:\.\Vado\Vado.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: Ntmssvc - C:\Windows\SysNative\ntmssvc.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ==========
[2010/09/01 17:42:51 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\garvin\Desktop\OTL.exe
[2010/09/01 17:08:25 | 000,000,000 | ---D | C] -- C:\bcce0f9d5c351366473af0b2d7
[2010/09/01 16:53:46 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/09/01 16:53:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/09/01 14:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/09/01 12:33:28 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\garvin\Desktop\spybotsd162.exe
[2010/09/01 12:19:18 | 002,133,536 | ---- | C] (AVG Technologies) -- C:\Users\garvin\Desktop\avg_free_stb_all_9_115_cnet.exe
[2010/09/01 11:36:28 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2010/09/01 11:00:35 | 000,439,808 | ---- | C] (OldTimer Tools) -- C:\Users\garvin\Desktop\TFC.exe
[2010/09/01 10:44:54 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/09/01 10:26:22 | 000,000,000 | ---D | C] -- C:\Users\linda\AppData\Roaming\Mozilla
[2010/09/01 10:26:22 | 000,000,000 | ---D | C] -- C:\Users\linda\AppData\Local\Mozilla
[2010/07/26 09:03:41 | 000,000,000 | ---D | C] -- C:\Creative
[2010/07/24 21:10:42 | 000,000,000 | ---D | C] -- C:\PriceGong
[2010/07/24 21:10:38 | 000,000,000 | ---D | C] -- C:\Users\garvin\AppData\Roaming\alot
[2010/07/11 16:11:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PlayFirst
[2010/07/11 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PriceGong
[2010/07/09 22:20:40 | 000,000,000 | -HSD | C] -- C:\Users\garvin\Desktop\%APPDATA%
[2010/07/09 22:19:52 | 000,000,000 | ---D | C] -- C:\Users\garvin\Desktop\_hiddenPbk
[2010/06/27 12:18:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010/06/26 15:00:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2010/06/26 15:00:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/06/26 14:58:59 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/26 14:58:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/06/26 14:58:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010/06/26 14:58:32 | 000,000,000 | ---D | C] -- C:\Users\linda\AppData\Local\Apple
[2010/06/26 14:58:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010/06/26 14:58:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/06/25 16:45:39 | 000,000,000 | ---D | C] -- C:\4c9abb1882c1d631b644127c52
========== Files - Modified Within 90 Days ==========
[2010/09/01 17:46:09 | 001,572,864 | ---- | M] () -- C:\Users\garvin\ntuser.dat
[2010/09/01 17:46:00 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4756DD25-8884-4554-BC18-52386A99AC7F}.job
[2010/09/01 17:44:59 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9665E421-ECBC-4C68-A495-82B85FDCDAFB}.job
[2010/09/01 17:43:00 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\garvin\Desktop\OTL.exe
[2010/09/01 17:16:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/01 17:15:53 | 000,524,288 | -HS- | M] () -- C:\Users\garvin\ntuser.dat{b9aeefaa-b5df-11df-8872-002219f61ee1}.TMContainer00000000000000000002.regtrans-ms
[2010/09/01 17:15:53 | 000,524,288 | -HS- | M] () -- C:\Users\garvin\ntuser.dat{b9aeefaa-b5df-11df-8872-002219f61ee1}.TMContainer00000000000000000001.regtrans-ms
[2010/09/01 17:15:53 | 000,065,536 | -HS- | M] () -- C:\Users\garvin\ntuser.dat{b9aeefaa-b5df-11df-8872-002219f61ee1}.TM.blf
[2010/09/01 17:15:50 | 002,270,494 | -H-- | M] () -- C:\Users\garvin\AppData\Local\IconCache.db
[2010/09/01 17:12:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/01 17:03:19 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2010/09/01 17:03:12 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/01 17:03:12 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/01 17:03:10 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/01 17:03:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/01 17:02:59 | 4289,576,960 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/01 17:01:59 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/09/01 17:01:57 | 001,572,864 | -HS- | M] () -- C:\Users\garvin\ntuser.bak
[2010/09/01 17:01:56 | 000,524,288 | -HS- | M] () -- C:\Users\garvin\ntuser.dat{207bb4bf-8157-11df-9943-002219f61ee1}.TMContainer00000000000000000001.regtrans-ms
[2010/09/01 17:01:56 | 000,065,536 | -HS- | M] () -- C:\Users\garvin\ntuser.dat{207bb4bf-8157-11df-9943-002219f61ee1}.TM.blf
[2010/09/01 16:53:26 | 000,000,721 | ---- | M] () -- C:\Users\garvin\Desktop\NTREGOPT.lnk
[2010/09/01 16:53:26 | 000,000,702 | ---- | M] () -- C:\Users\garvin\Desktop\ERUNT.lnk
[2010/09/01 14:41:04 | 011,329,872 | ---- | M] () -- C:\Users\garvin\Desktop\SAS_5532383.COM
[2010/09/01 14:22:27 | 000,305,992 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/09/01 12:19:24 | 002,133,536 | ---- | M] (AVG Technologies) -- C:\Users\garvin\Desktop\avg_free_stb_all_9_115_cnet.exe
[2010/09/01 10:47:28 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/09/01 10:24:09 | 000,006,836 | ---- | M] () -- C:\Users\garvin\AppData\Local\d3d9caps.dat
[2010/09/01 09:58:12 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/01 09:56:23 | 000,835,402 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/09/01 09:56:23 | 000,703,180 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/09/01 09:56:23 | 000,142,984 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/27 16:25:18 | 000,781,122 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/26 20:40:20 | 000,284,915 | ---- | M] () -- C:\Users\garvin\Desktop\gmer.zip
[2010/08/06 13:23:25 | 000,104,960 | ---- | M] () -- C:\Users\garvin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/30 11:48:32 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/06/27 19:25:38 | 000,000,996 | ---- | M] () -- C:\Users\garvin\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/06/27 19:25:38 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/06/26 20:50:49 | 000,524,288 | -HS- | M] () -- C:\Users\garvin\ntuser.dat{207bb4bf-8157-11df-9943-002219f61ee1}.TMContainer00000000000000000002.regtrans-ms
[2010/06/26 15:03:13 | 000,524,288 | -HS- | M] () -- C:\Users\garvin\ntuser.dat{86025301-4d25-11df-b396-002219f61ee1}.TMContainer00000000000000000001.regtrans-ms
[2010/06/26 15:03:13 | 000,065,536 | -HS- | M] () -- C:\Users\garvin\ntuser.dat{86025301-4d25-11df-b396-002219f61ee1}.TM.blf
[2010/06/26 15:00:26 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
========== Files Created - No Company Name ==========
[2010/09/01 17:16:24 | 000,284,915 | ---- | C] () -- C:\Users\garvin\Desktop\gmer.zip
[2010/09/01 17:03:16 | 000,524,288 | -HS- | C] () -- C:\Users\garvin\ntuser.dat{b9aeefaa-b5df-11df-8872-002219f61ee1}.TMContainer00000000000000000002.regtrans-ms
[2010/09/01 17:03:16 | 000,524,288 | -HS- | C] () -- C:\Users\garvin\ntuser.dat{b9aeefaa-b5df-11df-8872-002219f61ee1}.TMContainer00000000000000000001.regtrans-ms
[2010/09/01 17:03:16 | 000,065,536 | -HS- | C] () -- C:\Users\garvin\ntuser.dat{b9aeefaa-b5df-11df-8872-002219f61ee1}.TM.blf
[2010/09/01 17:00:37 | 000,262,144 | -H-- | C] () -- C:\Users\linda\ntuser.tmp.LOG1
[2010/09/01 17:00:37 | 000,000,000 | -H-- | C] () -- C:\Users\linda\ntuser.tmp.LOG2
[2010/09/01 16:53:26 | 000,000,721 | ---- | C] () -- C:\Users\garvin\Desktop\NTREGOPT.lnk
[2010/09/01 16:53:26 | 000,000,702 | ---- | C] () -- C:\Users\garvin\Desktop\ERUNT.lnk
[2010/09/01 14:41:09 | 011,329,872 | ---- | C] () -- C:\Users\garvin\Desktop\SAS_5532383.COM
[2010/09/01 14:22:04 | 4289,576,960 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/01 12:37:00 | 000,002,087 | ---- | C] () -- C:\Users\garvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Media Check Tool.lnk
[2010/09/01 12:37:00 | 000,001,815 | ---- | C] () -- C:\Users\garvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[2010/09/01 09:58:12 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/27 16:25:15 | 000,781,122 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/27 15:35:37 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2010/06/27 19:25:38 | 000,000,996 | ---- | C] () -- C:\Users\garvin\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/06/27 19:25:38 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/06/26 20:15:32 | 000,524,288 | -HS- | C] () -- C:\Users\garvin\ntuser.dat{207bb4bf-8157-11df-9943-002219f61ee1}.TMContainer00000000000000000002.regtrans-ms
[2010/06/26 20:15:32 | 000,524,288 | -HS- | C] () -- C:\Users\garvin\ntuser.dat{207bb4bf-8157-11df-9943-002219f61ee1}.TMContainer00000000000000000001.regtrans-ms
[2010/06/26 20:15:32 | 000,065,536 | -HS- | C] () -- C:\Users\garvin\ntuser.dat{207bb4bf-8157-11df-9943-002219f61ee1}.TM.blf
[2010/06/26 15:00:26 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2009/12/03 16:55:09 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/03 16:54:20 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/20 19:04:59 | 000,006,836 | ---- | C] () -- C:\Users\linda\AppData\Local\d3d9caps.dat
[2009/09/20 16:55:18 | 000,024,088 | ---- | C] () -- C:\Users\linda\AppData\Roaming\UserTile.png
[2009/08/07 21:32:17 | 000,104,960 | ---- | C] () -- C:\Users\linda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
========== LOP Check ==========
[2010/07/24 21:10:38 | 000,000,000 | ---D | M] -- C:\Users\garvin\AppData\Roaming\alot
[2009/12/09 20:44:33 | 000,000,000 | ---D | M] -- C:\Users\garvin\AppData\Roaming\muvee Technologies
[2009/09/20 16:55:17 | 000,000,000 | ---D | M] -- C:\Users\linda\AppData\Roaming\PeerNetworking
[2010/09/01 17:01:59 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/09/01 17:46:00 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{4756DD25-8884-4554-BC18-52386A99AC7F}.job
[2010/09/01 17:44:59 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9665E421-ECBC-4C68-A495-82B85FDCDAFB}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/06/24 12:22:20 | 000,546,872 | ---- | M] (Microsoft Corporation) -- C:\bootmgr.efi
[2009/07/15 08:09:56 | 000,003,506 | RH-- | M] () -- C:\dell.sdr
[2010/09/01 17:02:59 | 4289,576,960 | -HS- | M] () -- C:\hiberfil.sys
[2006/12/02 05:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010/09/01 17:02:55 | 308,223,999 | -HS- | M] () -- C:\pagefile.sys
[2010/07/11 16:11:05 | 000,005,892 | ---- | M] () -- C:\scramble.log
< %systemroot%\Fonts\*.com >
[2006/11/02 16:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 16:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 16:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/12/03 17:34:06 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/09/18 22:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2009/07/10 13:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy >
Invalid Environment Variable: APPDATA
< %ALLUSERSPROFILE%\Favorites\*.* >
Invalid Environment Variable: APPDATA
< %PROGRAMFILES%\*.* >
[2008/01/21 04:21:59 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
Invalid Environment Variable: APPDATA
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
Invalid Environment Variable: APPDATA
< %USERPROFILE%\Desktop\*.exe >
[2010/09/01 12:19:24 | 002,133,536 | ---- | M] (AVG Technologies) -- C:\Users\garvin\Desktop\avg_free_stb_all_9_115_cnet.exe
[2009/12/15 11:24:48 | 000,293,376 | ---- | M] () -- C:\Users\garvin\Desktop\gmer.exe
[2010/09/01 10:33:37 | 007,537,912 | ---- | M] (Microsoft Corporation) -- C:\Users\garvin\Desktop\mssefullinstall-amd64fre-en-us-vista-win7(2).exe
[2010/09/01 17:43:00 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\garvin\Desktop\OTL.exe
[2009/06/04 22:07:42 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\garvin\Desktop\spybotsd162.exe
[2010/02/27 00:44:30 | 000,439,808 | ---- | M] (OldTimer Tools) -- C:\Users\garvin\Desktop\TFC.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
Invalid Environment Variable: APPDATA
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
[2010/08/03 20:43:21 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
[2010/08/03 20:42:51 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
[2009/12/03 18:37:26 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
[2009/12/03 18:37:26 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
[2010/08/03 20:42:51 | 001,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\0*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2009/08/07 21:30:11 | 000,000,402 | -HS- | M] () -- C:\Users\linda\Favorites\desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
< %systemroot%\system32\drivers\*.rmv >
< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >
< dir /b "%systemroot%\*.exe" | find /i " " /c >
< %PROGRAMFILES%\Microsoft\*.* >
< %systemroot%\System32\Wbem\proquota.exe >
< %PROGRAMFILES%\Mozilla Firefox\*.dat >
< %USERPROFILE%\Cookies\*.txt /x >
< %SystemRoot%\system32\fonts\*.* >
< %systemroot%\system32\winlog\*.* >
< %systemroot%\system32\Language\*.* >
< %systemroot%\system32\Settings\*.* >
< %systemroot%\system32\*.quo >
< %SYSTEMROOT%\AppPatch\*.exe >
< %SYSTEMROOT%\inf\*.exe >
< %SYSTEMROOT%\Installer\*.exe >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:79DD4F33
< End of report >
OTL Extras logfile created on: 01/09/2010 17:46:06 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\garvin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 68.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 218.20 Gb Total Space | 139.55 Gb Free Space | 63.96% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 6.91 Gb Free Space | 47.15% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 971.63 Mb Total Space | 401.59 Mb Free Space | 41.33% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LINDA-PC
Current User Name: garvin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = E4 F5 93 41 3F 74 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{059702E0-2738-4E18-BA51-E43FB0CEFD48}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{07F8D44E-6A92-4DE3-BC72-072A1FE39F62}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{14EE2169-9F9A-4ACD-BA1B-0A73ABF463C5}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{1531E7BE-561E-4C56-99C0-B5A6A10F7D37}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1A16C29A-AC19-4FC3-83A9-C5F908FE28CD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1D4BBA0D-47F2-4AAA-A574-D74140305F1D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1F2FF446-3261-4AFE-9008-27BF2E791805}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{20DF15F7-F46B-44DD-8EE4-D4CD717AC8D6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{22D54990-DD7D-4CB6-B399-B38E082B9EA4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{22FF6092-F8A6-4828-A300-AD179FC27D97}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{265A53EF-290B-4876-9BD6-FF3FFE0E9641}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{2BBB9C67-A011-4909-A2C8-2F2DD13C0B9C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2C807DB3-FDAD-403E-9853-A8D58EA44BAA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{30B43F00-BF6D-4DE4-BD41-99B4793880A6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{34118F4D-BCB0-4942-86F8-D842C46605FF}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{39B80E04-403A-4B08-9BAA-B1E373D1C196}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3EE1295C-9363-477C-B39E-8722752719EB}" = lport=445 | protocol=6 | dir=in | app=system |
"{438F954A-BFC5-4DC6-8A07-D1BFCCAC3447}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46AC08ED-7AD4-4C8A-ACDF-03B1FE22413F}" = rport=137 | protocol=17 | dir=out | app=system |
"{4A193D34-8DA9-4087-A505-339E1185CB98}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{57D7065E-6F26-4244-AC47-F90FA5EFA8CA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6050B02B-446D-4520-8245-001B4BEA15D9}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{612C1B7B-AE56-4F89-A292-BAB42D1C995D}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{6335392F-023E-4368-8D40-06A333D86EF4}" = rport=139 | protocol=6 | dir=out | app=system |
"{658913F3-FB86-4A89-A8F9-5B119646239D}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{6653ABA7-F6E9-4363-936A-92A6985BEEA8}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{6666D0DA-C993-4902-9A82-EA5F8DE05AD0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6B922A9F-0241-4756-9105-460031B1FEA7}" = lport=5357 | protocol=6 | dir=in | app=system |
"{6F520536-3115-49EC-BC47-375A355B5414}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{76BE438B-9895-42EB-A74B-69B5E9EAA69C}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{7953710D-AD03-4ED9-A23B-1952E48A7864}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{7E559629-B7BD-4146-8998-974C407C416A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7EB68914-BA25-4CAF-BDC9-2EC882444DCD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{87888B7D-90D8-4793-8F59-591A96052A4A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{92C723DE-49F4-4F07-AC45-9A10EB4505F6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9C7B1BB2-BF1A-4B14-834F-9F067493848A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A1C61A39-6ED4-44AC-B1ED-1C8174920503}" = rport=445 | protocol=6 | dir=out | app=system |
"{A418584E-A799-460C-A402-9F2D013BE191}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A6196C5E-1942-422C-8846-AD4EBA1C1EC1}" = lport=5358 | protocol=6 | dir=in | app=system |
"{B5872834-D935-4DB9-82A2-5AFCF68C93F5}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{B742B776-712D-4547-B14C-A0F822AFA1A9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BD2512C9-EDA7-4E43-A248-A20C93852F7A}" = lport=139 | protocol=6 | dir=in | app=system |
"{BFF880A3-0674-41F9-B6C9-708C30798AC0}" = lport=138 | protocol=17 | dir=in | app=system |
"{C6100721-EEFD-48DC-B839-1D703DDB4880}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{C96965A6-CB74-4E69-A728-3FB353C0E443}" = rport=5358 | protocol=6 | dir=out | app=system |
"{CBE4279F-C18A-4F2F-8175-ED3507988DCC}" = rport=138 | protocol=17 | dir=out | app=system |
"{D0DE6DE6-E13E-4311-9AB0-4BFA208E990A}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{D2A83D75-12F4-4B3B-81A5-16D553DB2448}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{D78B41A7-611E-42BB-A209-DA34B3BEF202}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{DD1461DB-5DEC-4C64-9B71-FE067E534768}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{DFE2E5F7-4978-4E4F-B68C-7DD00A1C997F}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{E50703BD-5688-46AA-86E2-EC47A13C51C0}" = lport=137 | protocol=17 | dir=in | app=system |
"{EA6C362E-CE59-4089-AE72-5B383AC88EA0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F217B317-B2E4-4BA5-881C-5EA47EDEA391}" = rport=5357 | protocol=6 | dir=out | app=system |
"{F4692055-2153-4476-AC39-CA34578E2CCB}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{F79DA188-361A-40CE-A472-676C9FD2CF79}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FA9A1021-AAF6-4EE4-A5FC-56822EB61240}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B51695-7A2B-478C-B3BC-B0E7EFEAB7E9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0230F325-3DF8-48D8-9C59-F0821A62E398}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{0C915E75-FC41-4EBA-96BF-81E157CDEBEF}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{103E0318-2D68-4B10-8629-5FBAFF3C8F2C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{10A4647A-48BB-48D6-BD69-E86B0326CC1D}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{188899B7-37C8-4C0F-9A45-76008197ABBC}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{22FF7E1F-ACB9-420E-BB61-5AF5BFCAF1FA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2355A80A-6942-4096-8AB8-9D023104A56C}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{2685152D-A48A-4628-8856-9BBF3B19EC58}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{27A30C6D-D360-4E84-B901-7D86B5037773}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{32F6C521-B131-46FA-AE18-F0D7F09BD215}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3A7CC999-C099-47D0-BA7A-C776DA4F3B6E}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{3B210688-AB56-4491-B566-2BF11AEE485D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3DC641B1-C1D5-49A3-B242-F0D705B597EA}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{3F2512D7-FA40-48EE-B294-5C3CEEB6BE18}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{4B2A329D-E263-4C67-8D15-BF6B6DECB5AC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4C107EA7-8313-4398-8D81-2D9A424A1837}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4DF9B31B-DBE5-4646-967F-64CD9475CCB6}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{5155CA82-75D5-43B8-A87D-1368F551F1FB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{57A60AC3-3FA0-4DB0-A09D-5298463E67E8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5A67389F-E529-4F03-9855-436D9020E490}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{5EB693F6-9E0C-4BCC-98C3-86CB2A5FE1EE}" = protocol=58 | dir=in | [email protected],-28545 |
"{62C2EBF4-F3DE-470F-837D-10AE018A2D9E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6B5DD798-0D6B-4680-87E4-4A439ABA67B2}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{6FA24516-E64F-4145-85A6-66ABDAFF0012}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7411E7D9-76C8-4F14-92DB-A0F597115BDC}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{7831FB06-9988-456B-827C-184E8F16647E}" = protocol=58 | dir=out | [email protected],-28546 |
"{8972107D-7582-458C-A33D-375B6970AA04}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{8F967FD1-DF2E-463E-905E-FDDAF9C08118}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{93434EE5-7B55-48F2-80B9-756777DBAF40}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{973E3389-6B8B-416E-9A38-C40AE15ECEEB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{99656822-F6C6-4323-8F14-FB84D823F604}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A8E2C0A7-8D3B-4C8B-9065-9B2682FC9AC6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{AB6DB5C2-845C-4930-8D97-76D7BAF14177}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2730C3E-724B-4993-B276-C4812ED45B39}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{B988D6B2-FD5E-4E69-A931-F2DD51490BE4}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{BC3C9875-17EE-40EE-9605-0DF51E874320}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BEBF69C5-BD42-457B-8104-17ED6FDDC111}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{C30B5B70-F1B8-40B1-AE4E-90A39227D45C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C33C3C98-FD5B-4EFF-A3DD-7CBEFD1E32FE}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{C6DABB6F-EC07-4970-84E9-D8197139283F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7620992-8B59-41DC-AFC4-6820C4DDBD01}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DC1BCBBF-10D4-467C-8991-2D10777145A5}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{DC7576FE-D910-42C6-81EE-CF5845C09D9B}" = protocol=6 | dir=out | app=system |
"{E5AE3DE6-7AF2-4F7A-8042-AB3D4996638A}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{EF5310F2-5DA1-46BC-96FE-1875DCA63DF9}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F824845F-EB06-433F-B9EB-5E53E54F5DAE}" = protocol=1 | dir=out | [email protected],-28544 |
"{FA1A828B-DD69-4E01-928C-AF2CA8A7E425}" = protocol=1 | dir=in | [email protected],-28543 |
"TCP Query User{2A9C0ADE-0F3F-4A77-BDBD-A0978CF5CA9E}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{99962FD5-4563-4D48-9B53-791941F575C4}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416013FF}" = Java 6 Update 13 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E87F997C-3E93-6DAD-1AE6-619002BA9623}" = ccc-utility64
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"Creative OA008" = Integrated Webcam Driver (1.02.02.0106)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Dell Touchpad
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0CE69E03-1021-EB74-0836-C706CADC213A}" = Catalyst Control Center Localization Korean
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{12365698-8042-4774-8CAF-35BE91DC657B}" = Creative Vado HD Codec
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15F7FA6D-8FC5-08FD-2727-8AE6811A2A0D}" = CCC Help Russian
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{180BEABD-453E-4047-96B4-4F86EE605589}" = CCC Help Danish
"{181A0114-24D5-9E74-0138-4C8C27ED3EAC}" = Catalyst Control Center Graphics Light
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E5196FA-47EF-F0C7-847B-960F3349E9B5}" = CCC Help Finnish
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2094F083-B28B-AFFD-4075-49E803BE17B7}" = CCC Help Italian
"{2116C03A-7111-9669-8009-9FD7F5AABA20}" = Catalyst Control Center Graphics Full New
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23467AA2-058A-1064-40C5-E0E0533C2D7D}" = Catalyst Control Center Localization French
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java 6 Update 18
"{26B29DE2-7759-F8BB-FB10-98142B343C8C}" = CCC Help Korean
"{2FB28284-51D3-C991-3940-694B1B629F2B}" = Catalyst Control Center Localization German
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3945F4B5-0FAD-38E3-B39B-2F497550C847}" = CCC Help French
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3F6107B9-D211-EBCC-EA41-BD2FAC156A23}" = Catalyst Control Center Localization Japanese
"{3FD8C713-B1D5-D973-5351-50A918C02749}" = Catalyst Control Center Core Implementation
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{555B2506-E17C-4EEF-AA70-03985F664BAD}" = Creative Vado Central muvee Plugin
"{586DD9D2-09B2-D1DB-AD2A-95194A771C49}" = CCC Help Dutch
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C16A05F-C202-578A-108C-AFA4D9167CCC}" = Catalyst Control Center Localization Spanish
"{6C6D7326-770A-812B-B104-442F71A826F8}" = Catalyst Control Center Localization Russian
"{6EA1C352-4D16-5A9F-7751-D7AE08AA7F63}" = Catalyst Control Center Localization Chinese Traditional
"{72085899-3540-2F67-F5C7-46FF826A235F}" = CCC Help German
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{74622EDD-7879-3185-976D-A6098420D889}" = CCC Help Portuguese
"{7505BBE5-CB0C-5027-1228-15CC7C26C4C3}" = CCC Help English
"{76C4BA9A-BFA5-151D-8A39-AA0E74041F83}" = Catalyst Control Center Localization Danish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77A5C01F-E04C-9616-2E3D-D78CF889712B}" = Catalyst Control Center Graphics Full Existing
"{79D34E3B-8826-170B-8B3D-A9CD9C2D28F5}" = ccc-core-static
"{7CDF0744-7A0D-961B-3695-49756E822FC4}" = Catalyst Control Center Localization Swedish
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8247BD1D-C258-DBEE-3225-B9F0214763AB}" = CCC Help Japanese
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83E222CC-223F-BE8C-0C77-0CEBDC2F9B57}" = Acrobat.com
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92491D2C-D9E9-5FDD-64CD-82D5688872A9}" = Catalyst Control Center Localization Italian
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9EF77B2D-FF26-9237-BBAB-127110FD65CC}" = Catalyst Control Center Localization Portuguese
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{ACB08AF2-DFE9-C179-8BC9-E3209F3EBC28}" = CCC Help Chinese Traditional
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BB5F88FC-5D66-9316-0E48-E411941A8A74}" = Catalyst Control Center Graphics Previews Vista
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C17280C4-8BF2-946A-9C51-EEB2CD216D89}" = Catalyst Control Center Graphics Previews Common
"{C552184B-E4BE-479E-9A4A-6E51ED46ABE7}" = LiveUpload to Facebook
"{C5D85C24-A56B-6954-77F1-B25A4B4E7B52}" = CCC Help Spanish
"{C8C5CE76-860E-B5FA-27EA-C52C74DDBD2D}" = Catalyst Control Center Localization Finnish
"{CDCFA0B9-06DA-C47E-2CF1-37C5F25DF753}" = Catalyst Control Center InstallProxy
"{D071B7C5-07A2-D000-05B8-2DE6A63249D9}" = Catalyst Control Center Localization Norwegian
"{D2D3882A-3624-2963-EA08-27589DBCEF8A}" = CCC Help Norwegian
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E481DB0E-52F2-4EE0-9BDA-9EE173FA6EA2}" = Catalyst Control Center - Branding
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E8E8C42E-E817-C7DA-1A81-BFD8388B4014}" = CCC Help Swedish
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EFD537AE-0530-8887-DC9C-433E113547D7}" = Catalyst Control Center Localization Chinese Standard
"{F081ED08-77AE-8019-D554-904EF4F88FC1}" = CCC Help Chinese Standard
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F133ACD4-CFCF-BADD-4AC5-9408E2E7FD74}" = Catalyst Control Center Localization Dutch
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FB56BF24-6AB9-AC55-5B7A-D3657D2F4A38}" = Skins
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative Vado HD Codec" = Creative Vado HD Codec
"Dell Video Chat" = Dell Video Chat
"Dell Webcam Central" = Dell Webcam Central
"Diner Dash 2" = Diner Dash 2 (remove only)
"ERUNT_is1" = ERUNT 1.1j
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.2pre)" = Mozilla Firefox (3.6.2pre)
"myBabylon_English Toolbar" = myBabylon_English Toolbar
"PriceGong" = PriceGong 2.1.0
"TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Tattoons)
"TheFreeDictionarycom Toolbar" = TheFreeDictionarycom Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Mail Advisor" = Yahoo! Mail Advisor
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 04/06/2010 02:29:03 | Computer Name = linda-PC | Source = WinMgmt | ID = 10
Description =
Error - 04/06/2010 03:12:46 | Computer Name = linda-PC | Source = MsiInstaller | ID = 11606
Description =
Error - 04/06/2010 03:12:46 | Computer Name = linda-PC | Source = MsiInstaller | ID = 11606
Description =
Error - 04/06/2010 04:15:04 | Computer Name = linda-PC | Source = WinMgmt | ID = 10
Description =
Error - 04/06/2010 09:34:48 | Computer Name = linda-PC | Source = WinMgmt | ID = 10
Description =
Error - 04/06/2010 10:12:49 | Computer Name = linda-PC | Source = MsiInstaller | ID = 11606
Description =
Error - 04/06/2010 10:12:49 | Computer Name = linda-PC | Source = MsiInstaller | ID = 11606
Description =
Error - 04/06/2010 10:22:08 | Computer Name = linda-PC | Source = EventSystem | ID = 4621
Description =
Error - 04/06/2010 12:09:57 | Computer Name = linda-PC | Source = WinMgmt | ID = 10
Description =
Error - 04/06/2010 14:13:04 | Computer Name = linda-PC | Source = WinMgmt | ID = 10
Description =
[ Broadcom Wireless LAN Events ]
Error - 03/08/2010 15:24:37 | Computer Name = linda-PC | Source = WLAN-Tray | ID = 0
Description = Error - Error in creating key container - -2146893809 (Broadcom Wireless
Adapter Manager Container)
Error - 03/08/2010 15:24:54 | Computer Name = linda-PC | Source = WLAN-Tray | ID = 0
Description = 20:24:54, Tue, Aug 03, 10 Error - Error in creating key container -
-2146893809 (Broadcom Wireless Adapter Manager Container)
Error - 03/08/2010 15:24:54 | Computer Name = linda-PC | Source = WLAN-Tray | ID = 0
Description = 20:24:54, Tue, Aug 03, 10 Error - Unable to gain access to user store
Error - 03/08/2010 15:25:12 | Computer Name = linda-PC | Source = WLAN-Tray | ID = 0
Description = 20:25:12, Tue, Aug 03, 10 Error - Unable to get current user admin
status
Error - 03/08/2010 15:25:22 | Computer Name = linda-PC | Source = WLAN-Tray | ID = 0
Description = 20:25:22, Tue, Aug 03, 10 Error - Unable to get current user admin
status
Error - 04/08/2010 06:19:05 | Computer Name = linda-PC | Source = WLAN-Tray | ID = 0
Description = 11:19:05, Wed, Aug 04, 10 Error - Unable to get current user admin
status
Error - 04/08/2010 06:19:16 | Computer Name = linda-PC | Source = WLAN-Tray | ID = 0
Description = 11:19:16, Wed, Aug 04, 10 Error - Unable to get current user admin
status
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Hope you can help me!