This is thread two on getting rid of THINK POINT [Archive]

View Full Version : This is thread two on getting rid of THINK POINT

igy31

2011-01-10, 20:47

Post two?

here is the link to my first post, sotty it took so long to to get back to you, i was told about this site by a friend and thought it was to good to be true after four day i gave up.

but i'll play along here is my link to my first post: http://forums.spybot.info/showthread.php?p=392369#post392369

i did everthing that the post told me to do and here are the ruselts:

form: malware bytes:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5195

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

1/10/2011 11:42:06 AM
mbam-log-2011-01-10 (11-42-06).txt

Scan type: Quick scan
Objects scanned: 220566
Time elapsed: 6 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\Windows\System32\Iasv32.dll (Trojan.Agent) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ias (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hpsysdrv (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\hp\support\hpsysdrv.exe (Trojan.FakeAlert.H) -> Delete on reboot.
C:\Windows\System32\certstore.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\Iasv32.dll (Trojan.Agent) -> Delete on reboot.

From OLT

olt. text:
OTL logfile created on: 1/10/2011 11:49:51 AM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Ian Young\Saved Games\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 78.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.46 Gb Total Space | 346.49 Gb Free Space | 50.48% Space Free | Partition Type: NTFS
Drive D: | 12.18 Gb Total Space | 1.66 Gb Free Space | 13.66% Space Free | Partition Type: NTFS
Drive G: | 298.02 Gb Total Space | 139.02 Gb Free Space | 46.65% Space Free | Partition Type: FAT32
Drive N: | 970.13 Mb Total Space | 441.45 Mb Free Space | 45.50% Space Free | Partition Type: FAT

Computer Name: IANYOUNG-PC | User Name: Ian Young | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Ian Young\Saved Games\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Steam\steam.exe ()
PRC - C:\Program Files (x86)\DNA\btdna.exe ()
PRC - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe ()
PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe ()
PRC - C:\hp\KBD\KbdStub.EXE ()
PRC - C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe ()
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe ()
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\WhiteSmoke Translator\WSTrayDictMode.exe ()
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe ()
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\java.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
PRC - c:\hp\HPEZBTN\HPBtnSrv.exe ()

========== Modules (SafeList) ==========

MOD - C:\Users\Ian Young\Saved Games\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\audition.dll ()
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\WhiteSmoke Translator\WHook.dll (Deskperience)

========== Win32 Services (SafeList) ==========

SRV:[b]64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (dlbt_device) -- C:\Windows\SysNative\dlbtcoms.exe ( )
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SupportSoft RemoteAssist) -- C:\Program Files (x86)\Common Files\Supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (nmservice) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Cisco Systems, Inc.)
SRV - (LinksysUpdater) -- C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (HPBtnSrv) -- c:\hp\HPEZBTN\HPBtnSrv.exe ()

========== Driver Services (SafeList) ==========

DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (purendis) -- C:\Windows\SysNative\DRIVERS\purendis.sys (Cisco Systems, Inc.)
DRV:64bit: - (pnarp) -- C:\Windows\SysNative\DRIVERS\pnarp.sys (Cisco Systems, Inc.)
DRV:64bit: - (HCW85BDA) -- C:\Windows\SysNative\drivers\HCW85BDA.sys (Hauppauge Computer Works)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\DRIVERS\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (MREMP50) -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt
IE - HKLM\..\URLSearchHook: {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\tbFre0.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "FreeOnlineRadioPlayerRecorder Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2737658&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://forums.spybot.info/showthread.php?t=288"
FF - prefs.js..extensions.enabledItems: {f999a48b-1950-4d81-9971-79018f807b4b}:2.7.2.0
FF - prefs.js..extensions.enabledItems: searchtoolbar@zugo.com:1.2
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {B3CFF1CD-9E08-47F7-8F3D-4E2049E3845B}:1.9.1
FF - prefs.js..extensions.enabledItems: {9727A106-0AB1-4EFA-955D-4DE0558A883B}:1.9.1

FF - HKLM\software\mozilla\Firefox\Extensions\\{B3CFF1CD-9E08-47F7-8F3D-4E2049E3845B}: C:\Windows\system32\config\systemprofile\AppData\Local\{B3CFF1CD-9E08-47F7-8F3D-4E2049E3845B}\ [2010/11/10 19:03:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{9727A106-0AB1-4EFA-955D-4DE0558A883B}: C:\Users\Ian Young\AppData\Local\{9727A106-0AB1-4EFA-955D-4DE0558A883B} [2010/11/10 19:13:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/09/30 11:19:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/09/30 11:19:47 | 000,000,000 | ---D | M]

[2010/06/05 17:55:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ian Young\AppData\Roaming\Mozilla\Extensions
[2010/06/05 17:55:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ian Young\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/11/26 18:55:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ian Young\AppData\Roaming\Mozilla\Firefox\Profiles\ocaw0gfp.default\extensions
[2010/06/07 09:55:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ian Young\AppData\Roaming\Mozilla\Firefox\Profiles\ocaw0gfp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/18 13:29:18 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\Ian Young\AppData\Roaming\Mozilla\Firefox\Profiles\ocaw0gfp.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2010/08/27 13:16:27 | 000,000,000 | ---D | M] (FreeOnlineRadioPlayerRecorder Toolbar) -- C:\Users\Ian Young\AppData\Roaming\Mozilla\Firefox\Profiles\ocaw0gfp.default\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}
[2010/11/20 17:16:53 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Ian Young\AppData\Roaming\Mozilla\Firefox\Profiles\ocaw0gfp.default\extensions\searchtoolbar@zugo.com
[2010/07/08 20:15:56 | 000,002,425 | ---- | M] () -- C:\Users\Ian Young\AppData\Roaming\Mozilla\Firefox\Profiles\ocaw0gfp.default\searchplugins\askcom.xml
[2010/09/14 06:41:12 | 000,002,506 | ---- | M] () -- C:\Users\Ian Young\AppData\Roaming\Mozilla\Firefox\Profiles\ocaw0gfp.default\searchplugins\BearShareWebSearch.xml
[2010/11/20 17:16:53 | 000,001,919 | ---- | M] () -- C:\Users\Ian Young\AppData\Roaming\Mozilla\Firefox\Profiles\ocaw0gfp.default\searchplugins\bing-zugo.xml
[2010/08/11 10:56:22 | 000,000,961 | ---- | M] () -- C:\Users\Ian Young\AppData\Roaming\Mozilla\Firefox\Profiles\ocaw0gfp.default\searchplugins\conduit.xml
[2010/09/23 11:22:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/10 19:13:37 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\IAN YOUNG\APPDATA\LOCAL\{9727A106-0AB1-4EFA-955D-4DE0558A883B}
[2010/11/10 19:03:00 | 000,000,000 | ---D | M] (XULRunner) -- C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\{B3CFF1CD-9E08-47F7-8F3D-4E2049E3845B}
[2010/09/14 06:41:12 | 000,002,506 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2011/01/10 11:41:14 | 000,001,919 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing-zugo.xml

O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O2 - BHO: (WhiteSmoke Toolbar) - {52794457-af6c-4c50-9def-f2e24f4c8889} - C:\Program Files (x86)\whitesmoketoolbar\whitesmoketoolbarX.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\tbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files (x86)\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O3 - HKLM\..\Toolbar: (WhiteSmoke Toolbar) - {52794457-af6c-4c50-9def-f2e24f4c8889} - C:\Program Files (x86)\whitesmoketoolbar\whitesmoketoolbarX.dll ()
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\tbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (FreeOnlineRadioPlayerRecorder Toolbar) - {F999A48B-1950-4D81-9971-79018F807B4B} - C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder\tbFre0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe ()
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe ()
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.EXE ()
O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre1.6.0_03\bin\jusched.exe ()
O4 - HKCU..\Run: [AROReminder] C:\Program Files (x86)\Advanced Registry Optimizer\ARO.exe (Sammsoft)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files (x86)\DNA\btdna.exe ()
O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe ()
O4 - HKCU..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; Trident\4.0; File not found
O4 - Startup: C:\Users\Ian Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo2.walgreens.com/WalgreensActivia.cab (Snapfish Activia)
O16 - DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} http://photos1.walmart.com/WalmartActivia3.cab (Snapfish Activia3)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553512000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Ian Young\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Ian Young\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/18 10:37:12 | 000,000,069 | RH-- | M] () - G:\AUTORUN.FCB -- [ FAT32 ]
O32 - AutoRun File - [2008/01/22 19:40:38 | 000,000,090 | ---- | M] () - G:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{0cb12bdb-bd6f-11dd-8035-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- [2004/08/04 00:56:58 | 000,028,672 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setupSNK.exe -- [2004/08/04 00:56:58 | 000,028,672 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: Logotvol - (C:\Windows\system32\audition.dll) - C:\Windows\SysWOW64\audition.dll ()
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/10 11:48:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ian Young\Saved Games\Desktop\OTL.exe
[2011/01/10 11:41:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\whitesmoketoolbar
[2011/01/01 23:31:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteSmoke Translator
[2011/01/01 23:31:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhiteSmoke Translator
[2011/01/01 23:23:59 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/01/01 23:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/01/01 23:23:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011/01/01 23:22:50 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Ian Young\Saved Games\Desktop\erunt-setup.exe
[2011/01/01 23:03:22 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/01/01 23:03:22 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/01/01 23:03:22 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/01/01 23:03:21 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011/01/01 23:03:21 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011/01/01 23:03:21 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/01/01 23:03:17 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2011/01/01 23:03:00 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/01/01 23:02:59 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/01/01 23:02:59 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/01/01 23:02:59 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/01/01 23:02:59 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/01/01 23:02:59 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/01/01 23:02:59 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/01/01 23:02:59 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/01/01 23:02:59 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/01/01 23:02:59 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/01/01 23:02:59 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/01/01 23:02:59 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/01/01 23:02:59 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/01/01 23:02:59 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/01/01 23:02:59 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/01/01 23:02:59 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/01/01 23:02:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/01/01 23:02:59 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/01/01 23:02:59 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/01/01 23:02:59 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/01/01 23:02:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/01/01 23:02:59 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/01/01 23:02:59 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/01/01 23:02:59 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/01/01 23:02:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/01/01 23:02:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/01/01 23:02:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/01/01 23:02:59 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/01/01 23:02:44 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2011/01/01 23:02:44 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2011/01/01 23:02:44 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2011/01/01 23:02:44 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2011/01/01 23:02:44 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2011/01/01 23:02:44 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2009/03/16 13:36:16 | 001,691,464 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2009/03/16 13:35:46 | 000,525,128 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[2009/03/16 13:35:34 | 000,094,024 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/10 11:53:39 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/01/10 11:53:39 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/01/10 11:53:39 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/01/10 11:49:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ian Young\Saved Games\Desktop\OTL.exe
[2011/01/10 11:45:57 | 000,001,344 | ---- | M] () -- C:\Users\Ian Young\Saved Games\Desktop\Clean Registry for Free!.lnk
[2011/01/10 11:45:47 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/10 11:45:47 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/10 11:45:47 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/10 11:45:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/10 11:41:18 | 000,001,797 | ---- | M] () -- C:\Users\Public\Desktop\Launch WhiteSmoke Translator.lnk
[2011/01/10 11:30:32 | 000,000,112 | ---- | M] () -- C:\ProgramData\6WODEbKw.dat
[2011/01/10 11:29:09 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2B569909-EA70-4117-81A1-F0AA99D8121D}.job
[2011/01/02 10:13:29 | 000,397,800 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/01/01 23:31:48 | 000,001,909 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch Whitesmoke Translator.lnk
[2011/01/01 23:31:48 | 000,001,328 | ---- | M] () -- C:\Users\Public\Desktop\Buy Whitesmoke Translator.lnk
[2011/01/01 23:23:23 | 000,000,945 | ---- | M] () -- C:\Users\Ian Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/01/01 23:22:56 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Ian Young\Saved Games\Desktop\erunt-setup.exe
[2011/01/01 23:17:26 | 000,002,607 | ---- | M] () -- C:\Users\Ian Young\Saved Games\Desktop\ian's Attach text.zip
[2011/01/01 23:05:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/01 22:58:25 | 000,624,128 | ---- | M] () -- C:\Users\Ian Young\Saved Games\Desktop\dds.scr
[2011/01/01 22:51:28 | 000,293,144 | ---- | M] () -- C:\Users\Ian Young\Saved Games\Desktop\SoftonicDownloader_for_erunt.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/10 11:30:32 | 000,000,112 | ---- | C] () -- C:\ProgramData\6WODEbKw.dat
[2011/01/01 23:31:48 | 000,001,909 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launch Whitesmoke Translator.lnk
[2011/01/01 23:31:48 | 000,001,328 | ---- | C] () -- C:\Users\Public\Desktop\Buy Whitesmoke Translator.lnk
[2011/01/01 23:31:47 | 000,001,797 | ---- | C] () -- C:\Users\Public\Desktop\Launch WhiteSmoke Translator.lnk
[2011/01/01 23:23:23 | 000,000,945 | ---- | C] () -- C:\Users\Ian Young\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/01/01 23:17:26 | 000,002,607 | ---- | C] () -- C:\Users\Ian Young\Saved Games\Desktop\ian's Attach text.zip
[2011/01/01 22:58:19 | 000,624,128 | ---- | C] () -- C:\Users\Ian Young\Saved Games\Desktop\dds.scr
[2011/01/01 22:50:56 | 000,293,144 | ---- | C] () -- C:\Users\Ian Young\Saved Games\Desktop\SoftonicDownloader_for_erunt.exe
[2010/11/26 10:31:17 | 000,000,010 | ---- | C] () -- C:\Users\Ian Young\AppData\Roaming\install
[2010/11/26 08:40:03 | 000,000,218 | ---- | C] () -- C:\Users\Ian Young\AppData\Roaming\sdhkryu.bat
[2010/11/22 17:45:42 | 000,049,664 | -H-- | C] () -- C:\Windows\SysWow64\audition.dll
[2010/11/11 13:26:11 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\FastUv32.dll
[2010/11/11 09:15:41 | 000,000,120 | ---- | C] () -- C:\Users\Ian Young\AppData\Local\Cricoxut.dat
[2010/11/11 09:15:41 | 000,000,000 | ---- | C] () -- C:\Users\Ian Young\AppData\Local\Cmetuxeg.bin
[2010/09/18 14:45:43 | 000,424,616 | ---- | C] () -- C:\Users\Ian Young\AppData\Local\dd_vcredistMSI271D.txt
[2010/09/18 14:45:43 | 000,011,410 | ---- | C] () -- C:\Users\Ian Young\AppData\Local\dd_vcredistUI271D.txt
[2010/01/02 14:18:23 | 000,000,270 | ---- | C] () -- C:\Windows\game.ini
[2009/12/08 16:55:04 | 018,030,130 | ---- | C] () -- C:\ProgramData\vlc-1.0.3-win32.exe
[2009/08/19 13:38:11 | 018,015,723 | ---- | C] () -- C:\ProgramData\vlc-1.0.1-win32.exe
[2009/07/20 15:27:56 | 017,828,326 | ---- | C] () -- C:\ProgramData\vlc-1.0.0-win32.exe
[2009/06/19 22:45:40 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009/06/16 13:58:59 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/06/16 13:58:03 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/03/16 13:36:48 | 013,264,160 | ---- | C] () -- C:\Program Files\dxnt.cab
[2009/03/16 13:36:48 | 004,162,622 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[2009/03/16 13:36:48 | 001,973,694 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab
[2009/03/16 13:36:48 | 001,906,870 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab
[2009/03/16 13:36:48 | 001,800,152 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
[2009/03/16 13:36:48 | 001,794,076 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab
[2009/03/16 13:36:46 | 001,802,050 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab
[2009/03/16 13:36:46 | 001,792,600 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab
[2009/03/16 13:36:46 | 001,769,854 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
[2009/03/16 13:36:44 | 001,709,352 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab
[2009/03/16 13:36:44 | 001,155,483 | ---- | C] () -- C:\Program Files\BDANT.cab
[2009/03/16 13:36:44 | 001,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
[2009/03/16 13:36:44 | 001,084,712 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
[2009/03/16 13:36:42 | 001,350,534 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2009/03/16 13:36:42 | 001,127,209 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
[2009/03/16 13:36:42 | 001,079,456 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2009/03/16 13:36:42 | 001,078,954 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2009/03/16 13:36:42 | 001,077,644 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2009/03/16 13:36:42 | 001,067,160 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab
[2009/03/16 13:36:42 | 001,064,917 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2009/03/16 13:36:42 | 001,040,745 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab
[2009/03/16 13:36:42 | 001,013,217 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2009/03/16 13:36:42 | 000,994,146 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab
[2009/03/16 13:36:40 | 001,607,766 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
[2009/03/16 13:36:40 | 001,607,286 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
[2009/03/16 13:36:40 | 001,347,346 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2009/03/16 13:36:38 | 001,708,144 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
[2009/03/16 13:36:38 | 001,612,446 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab
[2009/03/16 13:36:38 | 001,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
[2009/03/16 13:36:38 | 001,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
[2009/03/16 13:36:38 | 001,574,376 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
[2009/03/16 13:36:38 | 001,571,154 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
[2009/03/16 13:36:38 | 001,550,796 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab
[2009/03/16 13:36:38 | 001,464,664 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab
[2009/03/16 13:36:38 | 001,463,878 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab
[2009/03/16 13:36:38 | 001,443,282 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
[2009/03/16 13:36:38 | 001,412,894 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
[2009/03/16 13:36:38 | 001,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
[2009/03/16 13:36:38 | 001,362,788 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
[2009/03/16 13:36:38 | 001,357,976 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2009/03/16 13:36:38 | 001,335,994 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2009/03/16 13:36:38 | 001,247,499 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2009/03/16 13:36:38 | 000,975,148 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2009/03/16 13:36:38 | 000,965,413 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab
[2009/03/16 13:36:38 | 000,916,422 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
[2009/03/16 13:36:38 | 000,867,828 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab
[2009/03/16 13:36:38 | 000,867,604 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab
[2009/03/16 13:36:36 | 000,864,592 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab
[2009/03/16 13:36:36 | 000,852,278 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab
[2009/03/16 13:36:36 | 000,849,919 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab
[2009/03/16 13:36:36 | 000,849,159 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab
[2009/03/16 13:36:34 | 000,844,884 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab
[2009/03/16 13:36:34 | 000,818,252 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab
[2009/03/16 13:36:34 | 000,803,884 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab
[2009/03/16 13:36:34 | 000,796,859 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab
[2009/03/16 13:36:34 | 000,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
[2009/03/16 13:36:34 | 000,698,472 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab
[2009/03/16 13:36:34 | 000,273,990 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab
[2009/03/16 13:36:32 | 000,699,036 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab
[2009/03/16 13:36:32 | 000,695,857 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
[2009/03/16 13:36:32 | 000,273,203 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab
[2009/03/16 13:36:32 | 000,271,360 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab
[2009/03/16 13:36:32 | 000,269,842 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab
[2009/03/16 13:36:32 | 000,269,620 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab
[2009/03/16 13:36:32 | 000,269,016 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab
[2009/03/16 13:36:30 | 000,275,036 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x64.cab
[2009/03/16 13:36:30 | 000,273,010 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x86.cab
[2009/03/16 13:36:30 | 000,251,194 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
[2009/03/16 13:36:30 | 000,226,242 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
[2009/03/16 13:36:30 | 000,212,799 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab
[2009/03/16 13:36:30 | 000,191,720 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab
[2009/03/16 13:36:28 | 000,198,088 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab
[2009/03/16 13:36:28 | 000,197,122 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab
[2009/03/16 13:36:28 | 000,196,754 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
[2009/03/16 13:36:28 | 000,182,361 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
[2009/03/16 13:36:28 | 000,180,777 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab
[2009/03/16 13:36:28 | 000,179,125 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
[2009/03/16 13:36:28 | 000,178,351 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab
[2009/03/16 13:36:26 | 000,195,758 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab
[2009/03/16 13:36:26 | 000,194,675 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab
[2009/03/16 13:36:26 | 000,192,475 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab
[2009/03/16 13:36:26 | 000,182,895 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab
[2009/03/16 13:36:26 | 000,151,225 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab
[2009/03/16 13:36:24 | 000,153,004 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab
[2009/03/16 13:36:24 | 000,152,909 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab
[2009/03/16 13:36:24 | 000,147,975 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab
[2009/03/16 13:36:22 | 000,148,264 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
[2009/03/16 13:36:22 | 000,145,591 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab
[2009/03/16 13:36:22 | 000,138,017 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
[2009/03/16 13:36:22 | 000,137,227 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab
[2009/03/16 13:36:20 | 000,133,663 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab
[2009/03/16 13:36:20 | 000,133,095 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
[2009/03/16 13:36:20 | 000,132,409 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab
[2009/03/16 13:36:20 | 000,122,328 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
[2009/03/16 13:36:20 | 000,121,824 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab
[2009/03/16 13:36:20 | 000,121,746 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab
[2009/03/16 13:36:20 | 000,121,498 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x64.cab
[2009/03/16 13:36:20 | 000,121,046 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab
[2009/03/16 13:36:20 | 000,096,817 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab
[2009/03/16 13:36:20 | 000,093,726 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
[2009/03/16 13:36:20 | 000,093,120 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab
[2009/03/16 13:36:20 | 000,093,004 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab
[2009/03/16 13:36:18 | 000,095,296 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2009/03/16 13:36:18 | 000,092,688 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab
[2009/03/16 13:36:16 | 000,092,732 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x86.cab
[2009/03/16 13:36:16 | 000,087,134 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab
[2009/03/16 13:36:16 | 000,087,093 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
[2009/03/16 13:36:16 | 000,086,029 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2009/03/16 13:36:14 | 000,055,154 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab
[2009/03/16 13:36:14 | 000,055,058 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
[2009/03/16 13:36:14 | 000,053,302 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab
[2009/03/16 13:36:12 | 000,055,110 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab
[2009/03/16 13:36:12 | 000,054,592 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab
[2009/03/16 13:36:12 | 000,046,144 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
[2009/03/16 13:36:12 | 000,046,050 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab
[2009/03/16 13:36:12 | 000,046,002 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
[2009/03/16 13:36:12 | 000,045,359 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2009/03/16 13:36:12 | 000,044,444 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2009/03/16 13:36:12 | 000,021,897 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab
[2009/03/16 13:36:12 | 000,021,867 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
[2009/03/16 13:36:12 | 000,021,836 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab
[2009/03/16 13:36:12 | 000,018,488 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
[2009/03/16 13:36:10 | 000,021,298 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab
[2009/01/07 18:32:32 | 000,000,680 | ---- | C] () -- C:\Users\Ian Young\AppData\Local\d3d9caps.dat
[2009/01/07 18:31:34 | 000,000,732 | ---- | C] () -- C:\Users\Ian Young\AppData\Local\d3d9caps64.dat
[2008/11/28 14:46:17 | 000,159,744 | ---- | C] () -- C:\Users\Ian Young\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/08 02:06:35 | 000,007,662 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/08/08 01:43:58 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008/08/08 01:43:58 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/01/20 20:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/07/23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007/07/23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007/07/23 08:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007/07/23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007/07/23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007/07/23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007/07/23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007/07/23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007/07/23 08:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2007/04/27 08:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll

========== LOP Check ==========

[2010/11/08 14:56:37 | 000,000,000 | -HSD | M] -- C:\Users\Ian Young\AppData\Roaming\.#
[2010/08/26 09:23:26 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\Amazon
[2010/01/02 13:52:08 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\Azureus
[2008/11/30 19:23:14 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\BitTorrent
[2010/01/02 12:15:25 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\BitZipper
[2011/01/10 11:48:06 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\DNA
[2010/08/27 16:16:01 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\Free Audio Editor
[2009/07/08 07:05:33 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\IWeb Project
[2010/09/18 14:50:18 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\MAGIX
[2010/03/24 11:35:36 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\McGraw-HillLicensing
[2009/10/18 17:48:58 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\Mount&Blade
[2010/03/24 11:35:47 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\ProtectDisc
[2009/05/31 22:01:50 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\Sammsoft
[2009/05/04 12:48:33 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\Snapfish
[2010/10/31 14:26:46 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\Wal-Mart
[2009/03/23 21:54:01 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\WeatherBug
[2011/01/02 10:14:50 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\WhiteSmokeTranslator
[2008/11/28 15:24:44 | 000,000,000 | ---D | M] -- C:\Users\Ian Young\AppData\Roaming\WildTangent
[2011/01/10 11:43:28 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/11/26 03:00:00 | 000,000,350 | ---- | M] () -- C:\Windows\Tasks\Statistics (Fall 2008 Student Version) Updates.job
[2011/01/10 11:29:09 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2B569909-EA70-4117-81A1-F0AA99D8121D}.job

========== Purity Check ==========

< End of report >

igy31

2011-01-10, 20:48

from Extras.tex

OTL Extras logfile created on: 1/10/2011 11:49:51 AM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Ian Young\Saved Games\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 78.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.46 Gb Total Space | 346.49 Gb Free Space | 50.48% Space Free | Partition Type: NTFS
Drive D: | 12.18 Gb Total Space | 1.66 Gb Free Space | 13.66% Space Free | Partition Type: NTFS
Drive G: | 298.02 Gb Total Space | 139.02 Gb Free Space | 46.65% Space Free | Partition Type: FAT32
Drive N: | 970.13 Mb Total Space | 441.45 Mb Free Space | 45.50% Space Free | Partition Type: FAT

Computer Name: IANYOUNG-PC | User Name: Ian Young | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[b]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 88 C9 D0 0A BF EE C9 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016FF4C3-5794-4B16-B290-4F966FFD3F88}" = rport=138 | protocol=17 | dir=out | app=system |
"{107F847D-DCC6-4A3D-A0EA-6BD002F202C6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1DA21D4F-F069-4B76-81CC-0D3C46ADFA3A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{221C67ED-7101-4355-B947-8D95318A698D}" = lport=445 | protocol=6 | dir=in | app=system |
"{3CA6E193-648D-45FF-83EB-91318BE7FA75}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5807F806-7C9E-46F0-BBFC-54BCDFB08AB6}" = rport=139 | protocol=6 | dir=out | app=system |
"{5820C357-DD46-4E9A-9D1B-23B06080DA1D}" = lport=137 | protocol=17 | dir=in | app=system |
"{666A9A33-C416-494C-8FE8-646B3D3E87EE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6788A265-8CF4-4DFF-B8B4-ACA4850AB7B8}" = lport=138 | protocol=17 | dir=in | app=system |
"{931868EE-CCB0-47C9-884F-6C70AFB8EC9A}" = rport=445 | protocol=6 | dir=out | app=system |
"{A71E70EB-A588-4EB6-A44B-027737126C77}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B8486FA2-AFA0-4540-8A74-A039F7170498}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B9B8A7A1-292A-4BA2-9607-4C124A9AF993}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BC08AA93-FAA1-4E08-87E4-A4628FF48969}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DD0E78BC-0E53-4DCD-9F80-0D164DF28770}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{EF32C9AD-13CF-4554-8119-43683330D338}" = lport=139 | protocol=6 | dir=in | app=system |
"{F8BF7ABF-1F2A-49C7-B6EA-DDD53CBC6111}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F8CD703A-A234-456A-9C2A-49B8EE498613}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A47043-4943-461D-94D5-E11B0CB2E8A6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0F590DD7-8AF4-4562-ABD1-1AA47A3D96DA}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{1204EF77-9698-4C97-BBA1-6B02C9B84103}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{15E7F984-88DA-41F0-8999-C678D2E6320D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{162981DD-5101-462E-B8C8-B479551642A9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{173F98DA-D162-4673-B3F0-046967156BC7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{1A69B91E-D66A-4535-8452-129739695273}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{1D3D4FEB-DA46-46E5-BBC1-2A9F625D462C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{1E2ABA7C-9570-44FF-9D8F-1C167AC87EBC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{1F80F3E2-4378-4631-AB00-CFA31F323078}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{2BCF466A-289F-4C73-80CC-A4B4080F74CE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{2D07D91F-D174-4F95-9585-62477BAC97DB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{32BD2553-B574-4A67-BE08-BFC427D525A1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age orgins character creator\daoriginslauncher.exe |
"{3D2CF8A8-2CA2-40F9-96B7-7A86C76AF707}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{497B8129-7BDE-4805-AEB5-D8A023A0213D}" = protocol=17 | dir=in | app=c:\windows\system32\dlbtcoms.exe |
"{4BEFB8AA-ABD5-4EED-9849-5864C7CC7FF1}" = protocol=6 | dir=in | app=c:\windows\system32\dlbtcoms.exe |
"{4FBF6BE6-A554-427D-B90E-A22CECFF72B7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loki demo 2\loki.exe |
"{50EBE299-AC51-4B25-B548-E8CF90AF90B4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{5141C360-F614-435D-8311-6A17393FAC8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loki demo\loki.exe |
"{53E9CB9E-0B17-4FB2-8AA3-79625EF5B8B3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\dungeon siege 2\dungeonsiege2.exe |
"{53FE8A53-8A59-4719-84C2-A15A464EA1BD}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{5A8C6B83-C4FA-4E44-8ADA-EC80264DEFAA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragon age orgins character creator\daoriginslauncher.exe |
"{5CBC2F36-B510-4215-9B3D-32C56D2A0B83}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{5D2706B2-8B93-4E37-B1C7-32D648C70B31}" = protocol=17 | dir=in | app=c:\program files (x86)\reality pump\two worlds\twoworlds_radeon.exe |
"{63C97DC5-6E11-4B55-B65F-717FFCDE9251}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{6AD87479-16E0-4352-B1AA-1D01EF4CFE67}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loki demo\loki.exe |
"{74F2FCAC-B93E-451D-88AB-C84A43D23905}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{75217FB1-A7A1-419F-95D1-8F03D6CFEA3E}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{7FF6ED4F-8E2C-4382-9B6F-45EFD301B18C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{80CC38EF-40B0-4AD4-8C66-63C608D56852}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{849D82D5-77D9-49D8-A03A-034DF9D5D78E}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{8CEA802D-72CA-4FDE-8D89-A36912EC4B2A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{8EE849FF-4E19-49F9-A330-D62199BA6E9A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{8FA9AA8F-DFA4-4492-9A12-330BE7D1932F}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{90EEDFAF-11C3-47FC-9DA2-6BC589F2C8BD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{9A5C9F16-DC9C-4E2C-AC98-4FA0FA2AC1B2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{9A6061F6-D2D4-4D06-B4F7-87000B6FC29A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\risen - demo\bin\risen.exe |
"{9E28FEB8-A560-4F53-8C57-D0D6F5F18807}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\dungeon siege 2\dungeonsiege2.exe |
"{A36A728F-A0AD-48CE-9C00-61013592B051}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{A43048DD-C8D6-48A4-B361-DF3A2146C4E7}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{A9C37C3B-7234-49C6-8D65-57088B8EF38C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{AABFDFB1-080A-4A8F-A943-53005838E64C}" = protocol=17 | dir=in | app=c:\program files (x86)\reality pump\two worlds\twoworlds.exe |
"{AB95907C-3DF3-4192-BD3C-57D9494372AE}" = protocol=6 | dir=in | app=c:\program files (x86)\reality pump\two worlds\twoworlds_radeon.exe |
"{AEE50DB7-B0E3-4068-BF09-915F4320E697}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{B0514AEA-0311-418A-B8EA-629B7C7511DC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B15F89D7-EB5D-40D9-A8F1-BBF1945A2C74}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B1E22221-C13E-4B97-9674-BD809E1ECA5F}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{B239E302-AED0-4A0A-87EE-F21CD5FA72CF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\loki demo 2\loki.exe |
"{B4C7393F-FBCA-497A-9258-7ECDC556B779}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\risen - demo\bin\risen.exe |
"{B6ADDAEF-DFB6-412F-B3B4-2D764EF43A80}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{B86F2676-AA4F-4011-8733-61A53A099381}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{BB30348D-CDE4-442F-962E-DE66D1FFDE30}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{BC07DFB7-F20F-4943-AEF0-166A0E358F0B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BCA8028D-F8E8-4249-9388-152111895EC3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{D694CC36-EC0F-4398-A454-1F8F32C97099}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{D911211E-D635-41AC-87D5-91205CF39159}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"{DD2F21D0-A9AF-4D4E-B780-E2494028D593}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{E5841305-3B7D-4232-8169-CD246CE6B919}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{E6D7AC62-97BE-4C4A-8385-011836E7119E}" = protocol=6 | dir=in | app=c:\program files (x86)\reality pump\two worlds\twoworlds.exe |
"{E951A620-1B2B-4181-A82C-9C9CEFF69031}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{FC56457D-E4CD-4718-94FC-FEBEA2425F2F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead\left4dead.exe |
"TCP Query User{3A5CB8DA-D62E-4FE7-A714-2181927C84AB}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{43072628-AB23-4117-9FD3-84B97B0A9CFB}C:\program files (x86)\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"TCP Query User{459A85DC-76C7-4D5F-8E25-C568EF56FD1A}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{4F2E831B-6DF6-4715-8AFA-72E86EBED35F}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{5E9176B5-1AFD-4F01-AA52-BA6CD3151156}C:\users\ian young\saved games\desktop\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\users\ian young\saved games\desktop\left 4 dead\left4dead.exe |
"TCP Query User{7C2471DE-1DB3-4DC9-986C-913BFB26A490}C:\program files (x86)\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe |
"TCP Query User{7D1C9FB7-0D16-4A95-86D0-C35789B633B9}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{88D38CA4-47AC-4EF2-851C-3E94E2D69627}C:\users\ian young\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\ian young\program files (x86)\dna\btdna.exe |
"TCP Query User{ADE720A7-8974-439A-8235-035C0CF0002B}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{B033BF8B-047A-4BF6-B1A5-F019C2FBBAB2}C:\users\ian young\saved games\desktop\stronghold crusader extreme\stronghold crusader.exe" = protocol=6 | dir=in | app=c:\users\ian young\saved games\desktop\stronghold crusader extreme\stronghold crusader.exe |
"TCP Query User{BFBB28FF-3BE1-4AA5-A2AE-3A97EE84A6C9}C:\program files (x86)\reality pump\two worlds\twoworlds.exe" = protocol=6 | dir=in | app=c:\program files (x86)\reality pump\two worlds\twoworlds.exe |
"TCP Query User{BFDAAD23-3A06-4200-932B-43507F3960BB}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{CBC3BA44-02C4-44F0-99F7-4836A6D8459D}C:\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"TCP Query User{DDE0156C-D353-4E7B-B021-BEC2BC3EFF9F}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{E3926D87-A216-446D-8034-58530312FB5B}C:\users\ian young\saved games\desktop\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=c:\users\ian young\saved games\desktop\left 4 dead\left4dead.exe |
"TCP Query User{FCCE47BE-BCE7-4C50-810A-D3C2370473E4}C:\program files (x86)\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe |
"UDP Query User{0346B781-9A59-4AED-AA4F-6416D5C05963}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{148F41CC-5271-4ABD-8038-5150A7104807}C:\users\ian young\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\ian young\program files (x86)\dna\btdna.exe |
"UDP Query User{14E3AC41-743C-493E-A8CB-34B4D58BBE45}C:\users\ian young\saved games\desktop\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\users\ian young\saved games\desktop\left 4 dead\left4dead.exe |
"UDP Query User{1D3DD8D1-2F7C-456A-9373-AB82B8D41D67}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{299C6C3C-4AD3-4BE8-B799-800AAC82DDDF}C:\program files (x86)\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe |
"UDP Query User{4A7F2FE2-7AFE-44BD-986E-947AE79581DB}C:\users\ian young\saved games\desktop\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=c:\users\ian young\saved games\desktop\left 4 dead\left4dead.exe |
"UDP Query User{4AC63030-16C4-44EE-B8F2-D9D925DA89F0}C:\program files (x86)\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\rise of the argonauts\binaries\riseoftheargonauts.exe |
"UDP Query User{54F161E2-1714-48B8-94FD-1C332349E33A}C:\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"UDP Query User{83A1BA90-E98A-48EE-9936-50B34E57AC0D}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{83D0577C-1959-4319-B328-67DFBB7FD979}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{8F1E8F71-B37D-4FB5-ACBC-BB1E567C1020}C:\users\ian young\saved games\desktop\stronghold crusader extreme\stronghold crusader.exe" = protocol=17 | dir=in | app=c:\users\ian young\saved games\desktop\stronghold crusader extreme\stronghold crusader.exe |
"UDP Query User{9445B134-8D2B-431D-91E4-B2D99E4333C5}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{D69B932B-6328-4396-9018-4E7B4BC41EA9}C:\program files (x86)\reality pump\two worlds\twoworlds.exe" = protocol=17 | dir=in | app=c:\program files (x86)\reality pump\two worlds\twoworlds.exe |
"UDP Query User{F7E1F3D1-E234-4FD3-8A26-CEF1C815DB0F}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{FBBA91D6-4AF2-4D6D-ABD6-3F6053D4E29C}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{FE998A6A-8841-40FA-B4AB-4EC8D9A9A294}C:\program files (x86)\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0167F157-DAB9-46b0-86C4-7C66DDA85B48}" = HP Deskjet F4400 All-In-One Driver Software 12.0 Rel .5
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{2BEA2CD8-1A5D-4ADC-B000-C2A3207A6FCD}" = MobileMe Control Panel
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{A800FCC9-8E1E-4D84-9CED-47870701FDE1}" = HP Deskjet F4400 Printer Driver 14.0 Rel. 5
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Home and Student 60 day trial

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{1ADB7BF5-F8EB-4F76-98FD-65A7FFBEAECE}" = Whitesmoke Translator
"{1D601240-1E3C-11DE-8C30-0800200C9A66}" = Walmart Photo Manager
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2BA09774-34F7-4A06-8C7E-B69E44CB9EB0}" = DriverBoost
"{2DFF2906-52BB-4222-8062-1509259FC013}" = GUN (TM)
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{5F624839-947D-46EA-BD63-FD847C1AC6F1}" = BearShare
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70DECFBF-9119-4434-B2D3-A3C283D15E45}" = WeatherBug
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84B7F740-F050-4BE4-A61F-40D7CCDD9A70}" = Statistics
"{86170243-41F2-4B2E-9BD6-2F404B2C8E46}" = TWC Customer Controls
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink Wireless LAN
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93089416-6549-44C6-99B1-B3B192902FBD}" = MAGIX Music Maker 16
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A563C4F4-BE36-4956-BA0B-E02BDD9F70D5}" = Dungeon Siege 2 Broken World
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A835C187-691C-4827-BCEA-1611179C96B9}" = DJ_AIO_05_F4400_Software_Min
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BEECD6CD-BB5F-4E13-A478-886CBD2BD4DC}" = College Algebra
"{BF2A74BF-8D12-47F1-8B19-22B30AF6B0D1}" = Linksys EasyLink Advisor
"{C09F1573-6262-47F2-8B90-5B2290A58B12}" = MAGIX Speed 2 (MSI)
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EC7EBCD9-0CB4-472B-BC64-364CDC3CAC4C}" = Rise of the Argonauts
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FB26A501-6BA6-459B-89AA-9736730752FB}" = VoiceOver Kit
"{FBDBC490-089D-4476-BF72-1F7A6368200A}" = Pure Networks Platform
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"ATT-HSI" = ATT-HSI
"Audacity_is1" = Audacity 1.2.6
"BearShare" = BearShare
"BearShare MediaBar" = MediaBar
"College Algebra (Fall 2008 Student Version)" = College Algebra (Fall 2008 Student Version)
"College Algebra (Fall 2009 Student Version)" = College Algebra (Fall 2009 Student Version)
"DungeonSiege2" = Dungeon Siege 2
"ERUNT_is1" = ERUNT 1.1j
"Fish Tycoon_is1" = Fish Tycoon
"Free Audio Editor" = Free Audio Editor
"FreeOnlineRadioPlayerRecorder Toolbar" = FreeOnlineRadioPlayerRecorder Toolbar
"Hamachi" = Hamachi 1.0.2.4
"Hitman: Contracts" = Hitman: Contracts
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2DFF2906-52BB-4222-8062-1509259FC013}" = GUN (TM)
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"InstallShield_{EC7EBCD9-0CB4-472B-BC64-364CDC3CAC4C}" = Rise of the Argonauts
"Linksys EasyLink Advisor" = Linksys EasyLink Advisor
"MAGIX Screenshare US" = MAGIX Screenshare
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Medical Terminology for Health Professions_is1" = Medical Terminology for Health Professions
"mm16" = MAGIX Music Maker 16
"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Search Toolbar" = Search Toolbar
"Statistics (Fall 2008 Student Version)" = Statistics (Fall 2008 Student Version)
"Steam App 11000" = Loki Norse Demo
"Steam App 1250" = Killing Floor
"Steam App 24920" = Dragon Age: Origins - Character Creator
"Steam App 40310" = Risen - Demo
"Steam App 500" = Left 4 Dead
"Steam App 7280" = Loki Egyptian Demo
"TubeDownloader" = TubeDownloader
"Two Worlds" = Two Worlds
"Vuze" = Vuze
"WildTangent hp Master Uninstall" = My HP Games

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"GeoGebra WebStart" = GeoGebra WebStart
"PowerTeacher Gradebook" = PowerTeacher Gradebook

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/22/2010 7:29:07 PM | Computer Name = IanYoung-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18975, time stamp
0x4c8710a6, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x7516a57d, process id 0x50bc, application start time
0x01cb8a9d0eecf731.

Error - 11/22/2010 7:45:03 PM | Computer Name = IanYoung-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18975, time stamp
0x4c8710a6, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x7516a57d, process id 0x5080, application start time
0x01cb8a9f48c02611.

Error - 11/22/2010 7:45:42 PM | Computer Name = IanYoung-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18975, time stamp
0x4c8710a6, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03824,
exception code 0xc0000374, fault offset 0x000ab0bf, process id 0x5164, application
start time 0x01cb8a9e6002ba51.

Error - 11/22/2010 7:45:42 PM | Computer Name = IanYoung-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18975, time stamp
0x4c8710a6, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03824,
exception code 0xc0000374, fault offset 0x000ab0bf, process id 0x50d4, application
start time 0x01cb8a9d14696271.

Error - 11/22/2010 7:46:00 PM | Computer Name = IanYoung-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18975, time stamp
0x4c8710a6, faulting module AcroIEHelper.dll, version 8.0.0.456, time stamp 0x453c6a72,
exception code 0xc0000005, fault offset 0x000072b8, process id 0x3c2c, application
start time 0x01cb8a9f687a4f81.

Error - 11/22/2010 7:48:20 PM | Computer Name = IanYoung-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18975, time stamp
0x4c8710a6, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x7516a57d, process id 0x5258, application start time
0x01cb8a9fbe197061.

Error - 11/22/2010 7:49:21 PM | Computer Name = IanYoung-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18975 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 190c Start Time: 01cb8a9f6542b3c1 Termination Time: 16

Error - 11/23/2010 1:08:09 AM | Computer Name = IanYoung-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18975, time stamp
0x4c8710a6, faulting module uweqehex.dll, version 1.4.0.0, time stamp 0x4aef73c8,
exception code 0xc0000005, fault offset 0x000072b8, process id 0x5d40, application
start time 0x01cb8acc6a9a4410.

Error - 11/25/2010 10:38:33 PM | Computer Name = IanYoung-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/25/2010 10:38:38 PM | Computer Name = IanYoung-PC | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 6.0.6000.16386, time stamp
0x4549b0e1, faulting module uweqehex.dll, version 1.4.0.0, time stamp 0x4aef73c8,
exception code 0xc0000005, fault offset 0x00012838, process id 0xb90, application
start time 0x01cb8d12f9caff2d.

[ Media Center Events ]
Error - 3/3/2010 4:02:37 PM | Computer Name = IanYoung-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 4/16/2010 5:42:53 PM | Computer Name = IanYoung-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.WaitForUploadComplete failed. Please
try to ping www.msn.com prior to filing a bug.; Win32 GetLastError returned 10000109
Process: DefaultDomain Object Name: Media Center Guide

Error - 5/4/2010 7:31:56 PM | Computer Name = IanYoung-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.WaitForUploadComplete failed. Please
try to ping www.msn.com prior to filing a bug.; Win32 GetLastError returned 10000109
Process: DefaultDomain Object Name: Media Center Guide

Error - 7/28/2010 2:40:27 PM | Computer Name = IanYoung-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.WaitForUploadComplete failed. Please
try to ping www.msn.com prior to filing a bug.; Win32 GetLastError returned 10000109
Process: DefaultDomain Object Name: Media Center Guide

Error - 7/29/2010 5:13:18 PM | Computer Name = IanYoung-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 8/25/2010 9:07:43 PM | Computer Name = IanYoung-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 8/27/2010 3:39:02 PM | Computer Name = IanYoung-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.WaitForUploadComplete failed. Please
try to ping www.msn.com prior to filing a bug.; Win32 GetLastError returned 10000109
Process: DefaultDomain Object Name: Media Center Guide

Error - 9/23/2010 1:01:11 PM | Computer Name = IanYoung-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 9/23/2010 1:10:26 PM | Computer Name = IanYoung-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 11/12/2010 2:08:41 PM | Computer Name = IanYoung-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

[ OSession Events ]
Error - 3/20/2010 8:59:18 AM | Computer Name = IanYoung-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 408
seconds with 300 seconds of active time. This session ended with a crash.

Error - 3/20/2010 9:35:59 AM | Computer Name = IanYoung-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 1/2/2011 1:37:37 AM | Computer Name = IanYoung-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/2/2011 1:37:37 AM | Computer Name = IanYoung-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/2/2011 12:12:57 PM | Computer Name = IanYoung-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 1/2/2011 12:13:12 PM | Computer Name = IanYoung-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 7A79059A4BDB. The following
error occurred: %%258. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 1/2/2011 12:13:14 PM | Computer Name = IanYoung-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description =

Error - 1/3/2011 1:28:18 PM | Computer Name = IanYoung-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 1/10/2011 1:27:43 PM | Computer Name = IanYoung-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 1/10/2011 1:31:37 PM | Computer Name = IanYoung-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 1/10/2011 1:31:37 PM | Computer Name = IanYoung-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/10/2011 1:45:45 PM | Computer Name = IanYoung-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

< End of report >

i have attached my new DDS LOG after i did all this

Thanks Ian

tashi

2011-01-10, 22:03

Hello igy31,

At that point, if you still require help, please start a new topic and include a new DDS log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh. http://forums.spybot.info/showpost.php?p=393296&postcount=3

Please do that. :) One post in the new topic as helpers look for a zero response. ;)

Best regards.