Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Another Fake Garda Virus

  • 23-07-2012 11:19am
    #1
    Registered Users Posts: 597 ✭✭✭


    Hi ASJ, I have the fake Garda Virus on my machine. I booted into safe mode with networking and have ran MBAM, log is below. I am downloading OTL and will post them logs as soon as they are finished. thanks

    Malwarebytes Anti-Malware 1.62.0.1300
    www.malwarebytes.org

    Database version: v2012.07.23.06

    Windows 7 x64 NTFS (Safe Mode/Networking)
    Internet Explorer 8.0.7600.16385
    aiden :: AIDEN-PC [administrator]

    23/07/2012 11:17:12
    mbam-log-2012-07-23 (12-07-53).txt

    Scan type: Full scan (C:\|D:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 380658
    Time elapsed: 47 minute(s), 24 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 84
    HKCR\CLSID\{100EB1FD-D03E-47fd-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
    HKCR\TypeLib\{E343EDFC-1E6C-4cb5-AA29-E9C922641C80} (Adware.ShopperReports) -> No action taken.
    HKCR\Interface\{D8560AC2-21B5-4C1A-BDD4-BD12BC83B082} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.RprtCtrl (Adware.ShopperReports) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> No action taken.
    HKCR\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> No action taken.
    HKCR\CLSID\{20EA9658-6BC3-4599-A87D-6371FE9295FC} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.HbAx.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.HbAx (Adware.ShopperReports) -> No action taken.
    HKCR\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C} (Adware.ShopperReports) -> No action taken.
    HKCR\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB} (Adware.ShopperReports) -> No action taken.
    HKCR\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> No action taken.
    HKCR\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> No action taken.
    HKCR\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46} (Adware.ShopperReports) -> No action taken.
    HKCR\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> No action taken.
    HKCR\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.KOPFF.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.KOPFF (Adware.ShopperReports) -> No action taken.
    HKCR\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.Scopes.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.Scopes (Adware.ShopperReports) -> No action taken.
    HKCR\CLSID\{A16AD1E9-F69A-45af-9462-B1C286708842} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.IEButtonA (Adware.ShopperReports) -> No action taken.
    HKCR\CLSID\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.HbInfoBand (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> No action taken.
    HKCR\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.Stock.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.Stock (Adware.ShopperReports) -> No action taken.
    HKCR\CLSID\{C9CCBB35-D123-4a31-AFFC-9B2933132116} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.IEButton.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.IEButton (Adware.ShopperReports) -> No action taken.
    HKCR\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D} (Adware.ShopperReports) -> No action taken.
    HKCR\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9} (Adware.ShopperReports) -> No action taken.
    HKCR\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.CntntDic.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.CntntDic (Adware.ShopperReports) -> No action taken.
    HKCR\CLSID\{CFC16189-8A92-4a29-A940-60248385F426} (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.CntntDisp.1 (Adware.ShopperReports) -> No action taken.
    HKCR\ShopperReports.CntntDisp (Adware.ShopperReports) -> No action taken.
    HKCR\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB} (Adware.ShopperReports) -> No action taken.
    HKCR\Typelib\{3277CD27-4001-4EF8-9D96-C6CA745AC2F9} (Adware.7FaSSt) -> No action taken.
    HKCR\Interface\{38493F7F-2922-4C6C-9A9A-8DA2C940D0EE} (Adware.7FaSSt) -> No action taken.
    HKCR\CLSID\{E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} (Adware.7FaSSt) -> No action taken.
    HKCR\BBar.BBarBand.1 (Adware.7FaSSt) -> No action taken.
    HKCR\BBar.BBarBand (Adware.7FaSSt) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} (Adware.7FaSSt) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} (Adware.7FaSSt) -> No action taken.
    HKCR\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> No action taken.
    HKCR\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> No action taken.
    HKCR\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> No action taken.
    HKCR\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> No action taken.
    HKCR\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> No action taken.
    HKCR\AppID\BRNstIE.DLL (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\CmndFF.DLL (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\mozillaps.dll (Adware.ClickPotato) -> No action taken.
    HKCR\AppID\Pltfrm.DLL (Adware.ClickPotato) -> No action taken.
    HKCU\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> No action taken.
    HKLM\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> No action taken.
    HKLM\SYSTEM\CurrentControlSet\Services\ScanQuery Service (Adware.ScanQuery) -> No action taken.

    Registry Values Detected: 7
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|rxfvtcocbsfdiqu (Trojan.Winlock.P) -> Data: C:\ProgramData\rxfvtcoc.exe -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{E5A1ECE5-3E3D-4FE7-8447-78CB1FD377C6} (Adware.7FaSSt) -> Data: BBar -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{35662E8F-5A9D-2F4F-C2E2-C203C626374B} (Trojan.ZbotR.Gen) -> Data: C:\Users\aiden\AppData\Roaming\Giohg\siomqo.exe -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|ShopperReports 3.0.517.0 (Adware.HotBar) -> Data: -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|SRS_IT_E8790777B4765A5535AB99 (Malware.Trace) -> Data: -> No action taken.
    HKLM\SOFTWARE\Mozilla\Firefox\extensions|ShopperReports@ShopperReports.com (ShopperReports) -> Data: C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions -> No action taken.
    HKLM\SOFTWARE\Mozilla\Firefox\extensions|ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Data: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.668.0\firefox\extensions -> No action taken.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 14
    C:\Users\aiden\AppData\Roaming\ShopperReports3 (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3 (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0 (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> No action taken.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64} (Adware.ScanQuery) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\chrome (Adware.ScanQuery) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\defaults (Adware.ScanQuery) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\defaults\preferences (Adware.ScanQuery) -> No action taken.

    Files Detected: 26
    C:\ProgramData\rxfvtcoc.exe (Trojan.Winlock.P) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\mozillaps.dll (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\CmndFF.dll (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\CntntCntr.dll (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\BRNstIE.dll (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\blinkx Remote Toolbar\the_blinkx_toolbar.dll (Adware.7FaSSt) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\ShopperReportsUninstaller.exe (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> No action taken.
    C:\Users\aiden\0.7665084305361457.exe (Trojan.Winlock.P) -> No action taken.
    C:\Users\aiden\AppData\Local\Temp\bjbA6E8.tmp (Adware.Casino) -> No action taken.
    C:\Users\aiden\AppData\Local\Temp\rEBxnFzX.exe.part (Adware.Casino) -> No action taken.
    C:\Users\aiden\AppData\Local\Temp\0.6712967405393793 (Exploit.Drop.9) -> No action taken.
    C:\Users\aiden\AppData\Roaming\Giohg\siomqo.exe (Trojan.ZbotR.Gen) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\link.ico (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> No action taken.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk (Adware.ShopperReports) -> No action taken.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk (Adware.ShopperReports) -> No action taken.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk (Adware.ShopperReports) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\chrome.manifest (Adware.ScanQuery) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\install.rdf (Adware.ScanQuery) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\chrome\scanquery.jar (Adware.ScanQuery) -> No action taken.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}\defaults\preferences\prefs.js (Adware.ScanQuery) -> No action taken.

    (end)


Comments

  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    you can let MBAM fix those


  • Registered Users Posts: 597 ✭✭✭one man clappin


    I have deleted those with MBAM. Below is log of OTL:

    OTL logfile created on: 7/23/2012 12:21:08 PM - Run 1
    OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\aiden\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: Ireland | Language: IRE | Date Format: dd/MM/yyyy

    3.80 Gb Total Physical Memory | 3.10 Gb Available Physical Memory | 81.49% Memory free
    7.60 Gb Paging File | 6.95 Gb Available in Paging File | 91.37% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.34 Gb Total Space | 187.07 Gb Free Space | 66.02% Space Free | Partition Type: NTFS

    Computer Name: AIDEN-PC | User Name: aiden | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/07/23 12:16:14 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\aiden\Downloads\OTL.exe
    PRC - [2012/07/20 17:48:39 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/07/20 17:48:39 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2012/02/22 18:26:33 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2010/09/23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010/06/18 06:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2010/02/03 07:13:10 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Stopped] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
    SRV:64bit: - [2009/06/09 15:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Stopped] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
    SRV:64bit: - [2009/03/03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
    SRV - [2012/07/20 17:48:39 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/07/02 16:25:14 | 002,232,504 | ---- | M] (Giraffic) [Auto | Stopped] -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe -- (Giraffic)
    SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
    SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
    SRV - [2011/08/18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
    SRV - [2011/04/17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
    SRV - [2010/06/08 17:49:30 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
    SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/03 21:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
    SRV - [2010/03/03 21:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
    SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/06/06 01:07:28 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2012/03/01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/10/15 14:42:49 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
    DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
    DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
    DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
    DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
    DRV:64bit: - [2011/04/21 02:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symnets.sys -- (SymNetS)
    DRV:64bit: - [2011/03/31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtsp64.sys -- (SRTSP)
    DRV:64bit: - [2011/03/31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
    DRV:64bit: - [2011/03/15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symefa64.sys -- (SymEFA)
    DRV:64bit: - [2011/03/11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2011/01/27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\symds64.sys -- (SymDS)
    DRV:64bit: - [2010/11/16 02:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1207020.003\ironx64.sys -- (SymIRON)
    DRV:64bit: - [2010/08/30 13:17:36 | 000,289,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
    DRV:64bit: - [2010/08/25 21:36:02 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2010/08/12 17:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
    DRV:64bit: - [2010/06/18 06:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2010/06/08 17:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2010/03/17 22:44:44 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2010/03/17 22:41:48 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010/03/17 22:29:52 | 000,232,480 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2010/02/27 01:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
    DRV:64bit: - [2010/02/03 07:13:08 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
    DRV:64bit: - [2010/02/03 07:13:08 | 000,020,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
    DRV:64bit: - [2010/02/03 07:13:06 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/09/17 19:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
    DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
    DRV:64bit: - [2009/07/09 10:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2006/11/01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
    DRV - [2012/04/28 01:18:20 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120511.001\IDSviA64.sys -- (IDSVia64)
    DRV - [2012/04/21 13:08:36 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120512.016\EX64.SYS -- (NAVEX15)
    DRV - [2012/04/21 13:08:36 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
    DRV - [2012/04/21 13:08:36 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120512.016\ENG64.SYS -- (NAVENG)
    DRV - [2012/04/03 00:38:04 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120507.001\BHDrvx64.sys -- (BHDrvx64)
    DRV - [2012/02/04 13:47:02 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchPage =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/USCON/2
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ga-ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CD 93 39 56 DB 61 CD 01 [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultthis.engineName: "Veoh Web Player Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2653012&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.startup.homepage: "http://www.google.ie/"
    FF - prefs.js..extensions.enabledItems: toolbar@blinkx.com:1.0
    FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.517.0
    FF - prefs.js..extensions.enabledItems: {DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}:1.0
    FF - prefs.js..extensions.enabledItems: ClickPotatoLite@ClickPotatoLite.com:10.0.668.0
    FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
    FF - prefs.js..extensions.enabledItems: {cd90bf73-20f6-44ef-993d-bb920303bd2e}:3.6.0.10
    FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:3.6.0.10
    FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
    FF - prefs.js..extensions.enabledItems: 5
    FF - prefs.js..extensions.enabledItems: 3
    FF - prefs.js..extensions.enabledItems: 1
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"


    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\aiden\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\aiden\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\aiden\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\aiden\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\aiden\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/12/12 15:29:32 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2012/02/04 13:11:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_10_1 [2012/07/23 10:54:55 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/20 17:48:39 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/23 12:13:33 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/20 17:48:39 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/23 12:13:33 | 000,000,000 | ---D | M]

    [2011/02/26 00:36:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aiden\AppData\Roaming\Mozilla\Extensions
    [2012/07/15 18:46:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\extensions
    [2012/07/15 18:46:08 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
    [2012/07/15 18:46:09 | 000,000,000 | ---D | M] (Veoh Web Player Community Toolbar) -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\extensions\{cd90bf73-20f6-44ef-993d-bb920303bd2e}
    [2011/05/03 19:50:54 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\extensions\firefox@tvunetworks.com
    [2011/03/21 14:46:56 | 000,000,933 | ---- | M] () -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\searchplugins\conduit.xml
    [2011/10/30 18:16:08 | 000,002,472 | ---- | M] () -- C:\Users\aiden\AppData\Roaming\Mozilla\Firefox\Profiles\pbv2gb97.default\searchplugins\safesearch.xml
    [2012/07/23 12:13:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2012/07/20 17:48:39 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2009/11/06 16:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
    [2012/02/22 18:52:22 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2009/11/06 16:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
    [2012/06/25 11:30:24 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
    [2012/06/25 11:30:24 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012/06/25 11:30:24 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
    [2012/06/25 11:30:24 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
    [2012/06/25 11:30:24 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
    [2012/06/25 11:30:24 | 000,001,121 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

    O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\aiden\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
    O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
    O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - Startup: C:\Users\aiden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\aiden\Desktop\PartyPoker.lnk File not found
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\aiden\Desktop\PartyPoker.lnk File not found
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: riaenvia.net ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: riafinancial.com ([]* in Trusted sites)
    O16 - DPF: {1169E0CD-9E76-11D7-B1D8-FB63945DE96D} https://fxonline.riaenvia.net/Plugins/VSTwain.dll (VintaSoftTwain Control v5.1)
    O16 - DPF: {22571E97-956A-4CDD-AF8D-AE9C26597683} https://fxonline.riaenvia.net/Plugins/99510060.CAB (ctlUSBHID.USBHID)
    O16 - DPF: {2489E566-F550-47E1-9EC6-462B13BFB268} https://fxonline.riaenvia.net/Plugins/URLUpload.CAB (URLUpload.Upload)
    O16 - DPF: {44B019DE-19F4-4A37-B2AB-815655927BB0} https://fxonline.riaenvia.net/Plugins/99510064-104.0002.CAB (KbdWedgeOCX.KbdWedge)
    O16 - DPF: {7206EAAC-5CFA-43A3-9F61-E27E8E51E42F} http://lai.liveblockauctions.com/container_repository/laiexec.cab (laiExcuter Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {9E8EBAA8-573C-45D2-A64C-DD93489744DE} https://fxonline.riaenvia.net/Plugins/MTMicrImage.CAB (MTMicrImage.MicrImage)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20549A0B-1A77-4A55-9E7B-9F1F53E1E03C}: DhcpNameServer = 192.168.10.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8058A41E-B460-488F-B1E9-5FC185105813}: DhcpNameServer = 192.168.1.254
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/07/23 11:16:34 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Roaming\Malwarebytes
    [2012/07/23 11:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/07/23 11:16:26 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2012/07/23 11:16:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2012/07/23 11:16:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012/07/22 20:22:10 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Local\CrashDumps
    [2012/07/22 16:43:21 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Roaming\Giohg
    [2012/07/22 16:43:21 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Roaming\Ceymz
    [2012/07/22 16:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\mkzdbtwkbnyctqp
    [2012/07/15 23:35:46 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2012/07/11 19:36:02 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
    [2012/06/23 19:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
    [2012/06/23 19:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

    ========== Files - Modified Within 30 Days ==========

    [2012/07/23 12:10:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/07/23 12:10:31 | 3062,915,072 | -HS- | M] () -- C:\hiberfil.sys
    [2012/07/23 11:16:27 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/07/23 11:06:24 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
    [2012/07/23 11:06:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/07/23 11:02:06 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/07/23 11:02:06 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/07/23 10:55:13 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/07/23 10:11:46 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2801790525-1181544261-1216082320-1001UA.job
    [2012/07/22 16:42:49 | 000,000,051 | ---- | M] () -- C:\ProgramData\pcvuuyuptedhonx
    [2012/07/22 15:51:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2801790525-1181544261-1216082320-1001Core.job
    [2012/07/22 01:17:34 | 534,839,758 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2012/07/20 17:48:41 | 000,002,050 | ---- | M] () -- C:\Users\aiden\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2012/07/19 20:27:19 | 000,031,720 | ---- | M] () -- C:\Users\aiden\Documents\bacpol 19072012.pdf
    [2012/07/19 15:13:45 | 000,727,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/07/19 15:13:45 | 000,616,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/07/19 15:13:45 | 000,106,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/07/14 11:33:08 | 000,062,103 | ---- | M] () -- C:\Users\aiden\Documents\lituanian driver.pdf
    [2012/07/12 08:04:40 | 000,310,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2012/07/05 11:42:09 | 000,031,728 | ---- | M] () -- C:\Users\aiden\Documents\bacpolpayment05072012.pdf
    [2012/07/05 11:34:36 | 000,031,725 | ---- | M] () -- C:\Users\aiden\Documents\kimhutpayment5072012.pdf
    [2012/07/04 15:48:43 | 000,852,350 | ---- | M] () -- C:\Users\aiden\Documents\turban1.pdf
    [2012/07/04 15:47:58 | 000,903,808 | ---- | M] () -- C:\Users\aiden\Documents\turban.pdf
    [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2012/06/26 14:52:18 | 000,283,607 | ---- | M] () -- C:\Users\aiden\Documents\em.pdf

    ========== Files Created - No Company Name ==========

    [2012/07/23 11:16:27 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/07/22 16:42:42 | 000,000,051 | ---- | C] () -- C:\ProgramData\pcvuuyuptedhonx
    [2012/07/19 20:27:19 | 000,031,720 | ---- | C] () -- C:\Users\aiden\Documents\bacpol 19072012.pdf
    [2012/07/15 23:35:38 | 534,839,758 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2012/07/05 11:42:09 | 000,031,728 | ---- | C] () -- C:\Users\aiden\Documents\bacpolpayment05072012.pdf
    [2012/07/05 11:34:36 | 000,031,725 | ---- | C] () -- C:\Users\aiden\Documents\kimhutpayment5072012.pdf
    [2012/07/04 15:48:43 | 000,852,350 | ---- | C] () -- C:\Users\aiden\Documents\turban1.pdf
    [2012/07/04 15:47:57 | 000,903,808 | ---- | C] () -- C:\Users\aiden\Documents\turban.pdf
    [2012/06/26 14:52:18 | 000,283,607 | ---- | C] () -- C:\Users\aiden\Documents\em.pdf
    [2012/06/13 19:57:13 | 000,000,146 | ---- | C] () -- C:\Windows\ODBC.INI
    [2012/06/13 19:51:35 | 000,000,027 | ---- | C] () -- C:\Windows\BarCode.ini
    [2012/02/17 16:29:33 | 000,110,456 | ---- | C] () -- C:\Users\aiden\g2ax_customer_downloadhelper_win32_x86.exe
    [2011/12/11 15:39:08 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
    [2011/12/11 15:39:08 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2030.DAT
    [2011/04/18 16:47:12 | 000,735,726 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2011/04/05 16:25:47 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2011/04/05 16:25:47 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2011/03/11 11:06:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010/12/12 16:06:20 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
    [2010/12/12 16:06:20 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
    [2010/12/12 16:06:20 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
    [2010/12/12 16:06:20 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
    [2010/12/12 16:06:19 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
    [2010/12/12 16:02:53 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
    [2010/12/12 16:02:53 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
    [2010/12/12 16:02:53 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
    [2010/12/12 16:02:53 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
    [2010/12/12 16:02:53 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
    [2010/12/12 16:02:53 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
    [2010/12/12 16:02:53 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini

    < End of report >


  • Registered Users Posts: 597 ✭✭✭one man clappin


    Extras Log:

    OTL Extras logfile created on: 7/23/2012 12:21:08 PM - Run 1
    OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\aiden\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: Ireland | Language: IRE | Date Format: dd/MM/yyyy

    3.80 Gb Total Physical Memory | 3.10 Gb Available Physical Memory | 81.49% Memory free
    7.60 Gb Paging File | 6.95 Gb Available in Paging File | 91.37% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.34 Gb Total Space | 187.07 Gb Free Space | 66.02% Space Free | Partition Type: NTFS

    Computer Name: AIDEN-PC | User Name: aiden | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{05EE50CD-FD1B-4643-9B95-76EE98F30339}" = lport=138 | protocol=17 | dir=in | app=system |
    "{10A56532-46A1-4FA3-8E31-0CF0DAD822D5}" = rport=137 | protocol=17 | dir=out | app=system |
    "{114691FE-1BCA-4B97-963D-4BD597B8BFA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{134ACC62-7E31-4127-A999-C220BC997863}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{19C43D64-D4C3-4527-9854-B98616D80B71}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{1C3569B9-C5BC-4C29-B80B-A8F5A4D9A8B4}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{3A0338AE-087C-43D7-BB4D-273BB3B3D264}" = lport=445 | protocol=6 | dir=in | app=system |
    "{3C0F8F6C-E045-4C98-9DB4-AFB8B226A2B2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{4140B1C8-2B85-404B-A7AE-3A4EAB8361FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{5247F521-56DF-462B-85A0-A13C0075FA27}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{645E2378-058D-4C11-BC28-F8471950A201}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{87C7B15D-4610-4017-A159-B61E7088DAF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{8836E9D6-50FF-4C02-BB8D-356E6BEBB8E9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{887EEDF8-1B70-481C-BC92-28428108C6B7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{9E1F21A8-A112-4B98-A03A-0736EED73ED4}" = rport=139 | protocol=6 | dir=out | app=system |
    "{A963A45D-E968-40FF-97B8-E3BBB4F97674}" = lport=137 | protocol=17 | dir=in | app=system |
    "{B1F6F36F-89E6-4600-86FD-5EB178BF2327}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{BE4841B1-9225-4575-AABA-8B2F2741E112}" = lport=139 | protocol=6 | dir=in | app=system |
    "{C080FC62-FFA7-4158-8843-8EC1CDCBA0F1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{CFC4669E-4686-4B69-8EC9-6FDD366BA048}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{D342C71D-4FEF-46E0-A03F-9B3EABBC8CE3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{DEE35F72-928C-4DDC-993A-550C2685A29D}" = rport=445 | protocol=6 | dir=out | app=system |
    "{EEEBAE48-FCC0-43FE-BD9C-ECD3E43B26AB}" = rport=138 | protocol=17 | dir=out | app=system |
    "{F4F789F5-8E5C-430D-A36C-CFCD3F11E9F1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{F780AF82-18C6-449C-AF77-7F22EA8674E5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0561EC3D-8744-4DAB-A8A9-CBBE860859F2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{062E341C-A58C-4C2B-8D1C-2058387EB4FC}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
    "{065B5912-AB59-4054-85F8-E2CC45B60A93}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{0D44F584-D66E-4C9C-8CD4-467AD196C2FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{1610D92C-143D-4381-BDC6-371974769E63}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
    "{16238889-FD09-4CC3-8AE9-A1DDD8ACC6AA}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
    "{2468230B-7A96-4393-890F-9411395F975E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{251C2430-7B4E-4596-BEC5-BB7B1CCB8ED4}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
    "{2E77AC01-FF89-4AC2-9C89-02C2BFCC8194}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{38BEEAA9-28BD-4EBC-9BB5-19DA5F1E8E97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{38E89A0E-3415-4868-9F12-B10CCFA678D2}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe |
    "{464D103B-3612-4E2F-83FD-7F27D4856FBD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{56B74252-37E3-4C30-840C-A737D07450BD}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{5BC7B79D-18E7-4247-8795-90FB2EC418E2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{5F3845D8-CEBC-472D-8003-F76DDC3A48B0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{70DB5790-1570-43D3-A7FD-89DEE3F39FAF}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe |
    "{7CC04E41-6848-4D61-B21B-B34DABF7FEEB}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
    "{84CE6919-D64B-478C-84ED-DA66C0C53B45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{8CFA2BEA-8536-4D7D-A40B-6F2AA76302FC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{8DABA407-E508-46EF-B9C5-EEE74347549E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{9486E3FF-DF15-4983-86FE-1AF0E0EB0FF8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{9EBF73A3-AC58-46D2-9ECC-AE20F9241913}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{9F803CAF-735B-4975-BDB9-5DDDADD2BCCF}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
    "{AA40A295-DB43-4739-A24C-346810AF78A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{AFAEE58F-7194-4542-90CC-2D6FC179BCA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B449608D-AD6F-42F4-B4DD-36B810D3A3FD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{C4A199A7-E055-42BA-A4E2-68943599471E}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe |
    "{CA4CE259-6F00-4ABD-94DA-B5CE98B44508}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{CD69AF1C-CAEB-4C8D-A738-DD6E60A84105}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{CDC6046D-D389-4593-B0C0-39C9A97813D0}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
    "{D41919B0-5995-4471-975A-2C95135153C4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{DBB983FC-FE57-4E71-8F9A-51A75E8FFE4C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{DCDF84B3-7F2D-45A8-A798-788649E6184F}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe |
    "{E0E5574A-C284-42AF-A4B3-1C021DDC5D53}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{E3493439-ED6D-44D6-B87C-32187B81FC69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E856DB20-2EC8-4EC6-AAA7-F22C79C5E632}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
    "{ECEAFF03-0A1A-4169-9D73-F6AFB1BB0947}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{F01A838C-07C3-4BEA-AD81-9C3926A4E53F}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
    "{F3666B52-8BFB-475B-BDB9-D306C5155ACD}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
    "{F5BF0708-FBCC-4BD5-A348-5A8B5F7E87DA}" = protocol=6 | dir=out | app=system |
    "{F7513B6F-B265-42D7-8B71-8EAEE8F06999}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
    "{FF18F664-9858-414C-9490-1F91CE1E14B8}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
    "{FF6CF16E-A9F9-4859-A623-848EEC764EFD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{650AF771-456D-418F-BFC7-F6FFC9D0235C}" = HP Deskjet 3050 J610 series Basic Device Software
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{B9C3D27C-D72A-4F48-A0A4-8E1758219735}" = TEC-IT TBarCode Office 10
    "{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{FEB2C4AA-661E-483F-9626-21A8ACFD10F2}" = HP Deskjet 3050 J610 series Product Improvement Study
    "Dell Support Center" = Dell Support Center
    "DW WLAN Card Utility" = DW WLAN Card Utility
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{33CBA936-14BD-4FD9-9E67-9B94201BB6C7}" = TEC-IT TFORMer 7.0
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{3F15E203-BC3E-3597-84CD-EDF99546C917}" = Google Talk Plugin
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
    "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
    "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
    "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
    "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
    "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{DFC3E171-965F-4C07-AA42-05F6F5B7380B}_is1" = RAR Opener version 1.0
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
    "{F11DD279-BC82-4234-A8B8-AADCA1A8B308}" = Virtual Com for USB Driver V1.0.3
    "{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "8461-7759-5462-8226" = Vuze
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Advanced Audio FX Engine" = Advanced Audio FX Engine
    "conduitEngine" = Conduit Engine
    "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
    "Dell Dock" = Dell Dock
    "Dell Webcam Central" = Dell Webcam Central
    "Giraffic" = Veoh Giraffic Video Accelerator
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "HP Photo Creations" = HP Photo Creations
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
    "Mozilla Firefox 14.0.1 (x86 en-GB)" = Mozilla Firefox 14.0.1 (x86 en-GB)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "NIS" = Norton Internet Security
    "Office14.Click2Run" = Microsoft Office Click-to-Run 2010
    "PartyPoker" = PartyPoker
    "SmartDraw 2012" = SmartDraw 2012
    "Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
    "Vuze_Remote Toolbar" = Vuze Remote Toolbar
    "WildTangent dell Master Uninstall" = WildTangent Games
    "WinLiveSuite" = Windows Live Essentials
    "Xvid_is1" = Xvid 1.2.1 final uninstall

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "6019B71A5A75B58CE85C0186950C1D941142E4EC" = TECIT.TBarCode.ExcelAddIn
    "F80C393CE1229535BC84582CD13B70388ABABEFC" = TECIT.TBarCode.WordAddIn
    "Octoshape Streaming Services" = Octoshape Streaming Services
    "William Hill CASINO CLUB" = William Hill CASINO CLUB

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 6/22/2012 5:36:26 AM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 6/23/2012 4:58:25 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 6/24/2012 5:12:28 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4622
    Description =

    Error - 6/27/2012 4:59:07 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 6/29/2012 5:18:02 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 7/3/2012 9:52:21 AM | Computer Name = aiden-PC | Source = CVHSVC | ID = 100
    Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
    DownloadLatest Failed: The operation timed out

    Error - 7/3/2012 5:00:08 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4622
    Description =

    Error - 7/5/2012 4:02:19 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 7/5/2012 4:13:47 PM | Computer Name = aiden-PC | Source = CVHSVC | ID = 100
    Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
    DownloadLatest Failed: The server name or address could not be resolved

    Error - 7/5/2012 5:06:19 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 7/7/2012 5:08:22 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    [ Broadcom Wireless LAN Events ]
    Error - 7/19/2012 4:26:44 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 09:26:44, Thu, Jul 19, 12 Error - P2P: Failed to set APSTA mode

    Error - 7/19/2012 10:11:23 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 15:11:22, Thu, Jul 19, 12 Error - Unable to gain access to user store


    Error - 7/21/2012 8:19:38 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 01:19:38, Sun, Jul 22, 12 Error - Unable to gain access to user store


    Error - 7/22/2012 12:01:01 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 17:01:01, Sun, Jul 22, 12 Error - Unable to get current user admin
    status

    Error - 7/22/2012 12:10:38 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 17:10:38, Sun, Jul 22, 12 Error - Unable to get current user admin
    status

    Error - 7/22/2012 12:26:58 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 17:26:58, Sun, Jul 22, 12 Error - Unable to get current user admin
    status

    Error - 7/22/2012 1:42:58 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 18:42:58, Sun, Jul 22, 12 Error - Unable to get current user admin
    status

    Error - 7/23/2012 5:14:03 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 10:14:03, Mon, Jul 23, 12 Error - Unable to get current user admin
    status

    Error - 7/23/2012 5:15:47 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 10:15:47, Mon, Jul 23, 12 Error - Unable to get current user admin
    status

    Error - 7/23/2012 6:00:40 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 11:00:40, Mon, Jul 23, 12 Error - Unable to get current user admin
    status

    [ Dell Events ]
    Error - 2/25/2011 7:37:34 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 3/8/2011 5:26:22 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 3/8/2011 5:26:22 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 5/18/2011 9:19:03 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 5/18/2011 9:19:03 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 9/1/2011 12:16:28 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 9/1/2011 12:16:28 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 11/10/2011 1:08:08 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 11/10/2011 1:08:08 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 11/13/2011 11:17:15 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    [ Media Center Events ]
    Error - 5/10/2011 10:44:06 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 03:44:06 - Error connecting to the internet. 03:44:06 - Unable
    to contact server..

    Error - 5/10/2011 10:44:16 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 03:44:11 - Error connecting to the internet. 03:44:11 - Unable
    to contact server..

    Error - 5/10/2011 11:44:20 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 04:44:20 - Error connecting to the internet. 04:44:20 - Unable
    to contact server..

    Error - 5/10/2011 11:44:26 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 04:44:25 - Error connecting to the internet. 04:44:25 - Unable
    to contact server..

    Error - 5/11/2011 12:44:31 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 05:44:31 - Error connecting to the internet. 05:44:31 - Unable
    to contact server..

    Error - 5/11/2011 12:44:37 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 05:44:36 - Error connecting to the internet. 05:44:36 - Unable
    to contact server..

    Error - 5/11/2011 1:44:42 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 06:44:42 - Error connecting to the internet. 06:44:42 - Unable
    to contact server..

    Error - 5/11/2011 1:44:48 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 06:44:47 - Error connecting to the internet. 06:44:47 - Unable
    to contact server..

    [ System Events ]
    Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7003
    Description = The IKE and AuthIP IPsec Keying Modules service depends the following
    service: BFE. This service might not be installed.

    Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7003
    Description = The IPsec Policy Agent service depends the following service: BFE.
    This service might not be installed.

    Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7001
    Description = The Client Virtualization Handler service depends on the Application
    Virtualization Client service which failed to start because of the following error:
    %%1068

    Error - 7/23/2012 7:10:45 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    BHDrvx64 discache eeCtrl IDSVia64 spldr SRTSPX SymIRON SymNetS Wanarpv6

    Error - 7/23/2012 7:10:51 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
    Description =

    Error - 7/23/2012 7:10:58 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
    Description =

    Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
    Description =

    Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
    Description =

    Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Provider
    Host service which failed to start because of the following error: %%1068

    Error - 7/23/2012 7:11:01 AM | Computer Name = aiden-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
    Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll
    Error
    Code: 21


    < End of report >


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    oipen OTL copy and paste this in the custom scan/fixes box



    :OTL
    FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.517.0
    FF - prefs.js..extensions.enabledItems: {DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}:1.0
    [2012/07/22 16:43:21 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Roaming\Giohg
    [2012/07/22 16:43:21 | 000,000,000 | ---D | C] -- C:\Users\aiden\AppData\Roaming\Ceymz
    [2012/07/22 16:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\mkzdbtwkbnyctqp
    [2012/07/22 16:42:49 | 000,000,051 | ---- | M] () -- C:\ProgramData\pcvuuyuptedhonx


    :Commands
    [PURITY]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [RESETHOSTS]
    [EMPTYJAVA]
    [CREATERESTOREPOINT]
    [Reboot]
    :Files
    ipconfig /flushdns /c


    click run fix, reboot, and tell me how its running.


  • Registered Users Posts: 597 ✭✭✭one man clappin


    Thanks a million ASJ. That seems to have worked perfect. Below is the final log of OTL on reboot:

    All processes killed
    ========== OTL ==========
    Prefs.js: ShopperReports@ShopperReports.com:3.0.517.0 removed from extensions.enabledItems
    Prefs.js: {DE9265D8-D55D-4286-9DC4-F8D8A0CA2F64}:1.0 removed from extensions.enabledItems
    C:\Users\aiden\AppData\Roaming\Giohg folder moved successfully.
    C:\Users\aiden\AppData\Roaming\Ceymz folder moved successfully.
    C:\ProgramData\mkzdbtwkbnyctqp folder moved successfully.
    C:\ProgramData\pcvuuyuptedhonx moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: aiden
    ->Temp folder emptied: 537416989 bytes
    ->Temporary Internet Files folder emptied: 727874636 bytes
    ->Java cache emptied: 2272956 bytes
    ->FireFox cache emptied: 1139130834 bytes
    ->Flash cache emptied: 2583 bytes

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 516871956 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33304 bytes
    %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36050602 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 2,823.00 mb


    [EMPTYFLASH]

    User: aiden
    ->Flash cache emptied: 0 bytes

    User: All Users

    User: Default

    User: Default User

    User: Public

    Total Flash Files Cleaned = 0.00 mb

    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYJAVA]

    User: aiden
    ->Java cache emptied: 0 bytes

    User: All Users

    User: Default

    User: Default User

    User: Public

    Total Java Files Cleaned = 0.00 mb

    Unable to start System Restore Service. Error code 1084
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\aiden\Downloads\cmd.bat deleted successfully.
    C:\Users\aiden\Downloads\cmd.txt deleted successfully.

    OTL by OldTimer - Version 3.2.54.0 log created on 07232012_124441

    Files\Folders moved on Reboot...
    C:\Users\aiden\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    PendingFileRenameOperations files...
    File C:\Users\aiden\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

    Registry entries deleted on Reboot...


  • Advertisement
  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    play around with it and let me know if there are any issues left


    if not, open OTL click the CleanUp! button and that's it.


  • Registered Users Posts: 38 paddybongo


    Go download superantispyware it will clean all them spyware and anything mbam has left,then go download Ccleaner and run it,that should do the trick.:cool:
    http://www.superantispyware.com/
    http://www.piriform.com/CCLEANER


  • Registered Users Posts: 9,286 ✭✭✭seligehgit


    Extras Log:

    OTL Extras logfile created on: 7/23/2012 12:21:08 PM - Run 1
    OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\aiden\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: Ireland | Language: IRE | Date Format: dd/MM/yyyy

    3.80 Gb Total Physical Memory | 3.10 Gb Available Physical Memory | 81.49% Memory free
    7.60 Gb Paging File | 6.95 Gb Available in Paging File | 91.37% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 283.34 Gb Total Space | 187.07 Gb Free Space | 66.02% Space Free | Partition Type: NTFS

    Computer Name: AIDEN-PC | User Name: aiden | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{05EE50CD-FD1B-4643-9B95-76EE98F30339}" = lport=138 | protocol=17 | dir=in | app=system |
    "{10A56532-46A1-4FA3-8E31-0CF0DAD822D5}" = rport=137 | protocol=17 | dir=out | app=system |
    "{114691FE-1BCA-4B97-963D-4BD597B8BFA6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{134ACC62-7E31-4127-A999-C220BC997863}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{19C43D64-D4C3-4527-9854-B98616D80B71}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{1C3569B9-C5BC-4C29-B80B-A8F5A4D9A8B4}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{3A0338AE-087C-43D7-BB4D-273BB3B3D264}" = lport=445 | protocol=6 | dir=in | app=system |
    "{3C0F8F6C-E045-4C98-9DB4-AFB8B226A2B2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{4140B1C8-2B85-404B-A7AE-3A4EAB8361FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{5247F521-56DF-462B-85A0-A13C0075FA27}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{645E2378-058D-4C11-BC28-F8471950A201}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{87C7B15D-4610-4017-A159-B61E7088DAF3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{8836E9D6-50FF-4C02-BB8D-356E6BEBB8E9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{887EEDF8-1B70-481C-BC92-28428108C6B7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{9E1F21A8-A112-4B98-A03A-0736EED73ED4}" = rport=139 | protocol=6 | dir=out | app=system |
    "{A963A45D-E968-40FF-97B8-E3BBB4F97674}" = lport=137 | protocol=17 | dir=in | app=system |
    "{B1F6F36F-89E6-4600-86FD-5EB178BF2327}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{BE4841B1-9225-4575-AABA-8B2F2741E112}" = lport=139 | protocol=6 | dir=in | app=system |
    "{C080FC62-FFA7-4158-8843-8EC1CDCBA0F1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{CFC4669E-4686-4B69-8EC9-6FDD366BA048}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{D342C71D-4FEF-46E0-A03F-9B3EABBC8CE3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{DEE35F72-928C-4DDC-993A-550C2685A29D}" = rport=445 | protocol=6 | dir=out | app=system |
    "{EEEBAE48-FCC0-43FE-BD9C-ECD3E43B26AB}" = rport=138 | protocol=17 | dir=out | app=system |
    "{F4F789F5-8E5C-430D-A36C-CFCD3F11E9F1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{F780AF82-18C6-449C-AF77-7F22EA8674E5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0561EC3D-8744-4DAB-A8A9-CBBE860859F2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{062E341C-A58C-4C2B-8D1C-2058387EB4FC}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
    "{065B5912-AB59-4054-85F8-E2CC45B60A93}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{0D44F584-D66E-4C9C-8CD4-467AD196C2FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{1610D92C-143D-4381-BDC6-371974769E63}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
    "{16238889-FD09-4CC3-8AE9-A1DDD8ACC6AA}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
    "{2468230B-7A96-4393-890F-9411395F975E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{251C2430-7B4E-4596-BEC5-BB7B1CCB8ED4}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
    "{2E77AC01-FF89-4AC2-9C89-02C2BFCC8194}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{38BEEAA9-28BD-4EBC-9BB5-19DA5F1E8E97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{38E89A0E-3415-4868-9F12-B10CCFA678D2}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe |
    "{464D103B-3612-4E2F-83FD-7F27D4856FBD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{56B74252-37E3-4C30-840C-A737D07450BD}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{5BC7B79D-18E7-4247-8795-90FB2EC418E2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{5F3845D8-CEBC-472D-8003-F76DDC3A48B0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{70DB5790-1570-43D3-A7FD-89DEE3F39FAF}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_giraffic.exe |
    "{7CC04E41-6848-4D61-B21B-B34DABF7FEEB}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
    "{84CE6919-D64B-478C-84ED-DA66C0C53B45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{8CFA2BEA-8536-4D7D-A40B-6F2AA76302FC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{8DABA407-E508-46EF-B9C5-EEE74347549E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{9486E3FF-DF15-4983-86FE-1AF0E0EB0FF8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{9EBF73A3-AC58-46D2-9ECC-AE20F9241913}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{9F803CAF-735B-4975-BDB9-5DDDADD2BCCF}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
    "{AA40A295-DB43-4739-A24C-346810AF78A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{AFAEE58F-7194-4542-90CC-2D6FC179BCA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B449608D-AD6F-42F4-B4DD-36B810D3A3FD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{C4A199A7-E055-42BA-A4E2-68943599471E}" = protocol=17 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe |
    "{CA4CE259-6F00-4ABD-94DA-B5CE98B44508}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{CD69AF1C-CAEB-4C8D-A738-DD6E60A84105}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{CDC6046D-D389-4593-B0C0-39C9A97813D0}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
    "{D41919B0-5995-4471-975A-2C95135153C4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{DBB983FC-FE57-4E71-8F9A-51A75E8FFE4C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{DCDF84B3-7F2D-45A8-A798-788649E6184F}" = protocol=6 | dir=in | app=c:\program files (x86)\giraffic\veoh_girafficwatchdog.exe |
    "{E0E5574A-C284-42AF-A4B3-1C021DDC5D53}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{E3493439-ED6D-44D6-B87C-32187B81FC69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E856DB20-2EC8-4EC6-AAA7-F22C79C5E632}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
    "{ECEAFF03-0A1A-4169-9D73-F6AFB1BB0947}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{F01A838C-07C3-4BEA-AD81-9C3926A4E53F}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
    "{F3666B52-8BFB-475B-BDB9-D306C5155ACD}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
    "{F5BF0708-FBCC-4BD5-A348-5A8B5F7E87DA}" = protocol=6 | dir=out | app=system |
    "{F7513B6F-B265-42D7-8B71-8EAEE8F06999}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
    "{FF18F664-9858-414C-9490-1F91CE1E14B8}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
    "{FF6CF16E-A9F9-4859-A623-848EEC764EFD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
    "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{650AF771-456D-418F-BFC7-F6FFC9D0235C}" = HP Deskjet 3050 J610 series Basic Device Software
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{B9C3D27C-D72A-4F48-A0A4-8E1758219735}" = TEC-IT TBarCode Office 10
    "{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{FEB2C4AA-661E-483F-9626-21A8ACFD10F2}" = HP Deskjet 3050 J610 series Product Improvement Study
    "Dell Support Center" = Dell Support Center
    "DW WLAN Card Utility" = DW WLAN Card Utility
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{33CBA936-14BD-4FD9-9E67-9B94201BB6C7}" = TEC-IT TFORMer 7.0
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{3F15E203-BC3E-3597-84CD-EDF99546C917}" = Google Talk Plugin
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
    "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
    "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
    "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
    "{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
    "{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{DFC3E171-965F-4C07-AA42-05F6F5B7380B}_is1" = RAR Opener version 1.0
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
    "{F11DD279-BC82-4234-A8B8-AADCA1A8B308}" = Virtual Com for USB Driver V1.0.3
    "{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "8461-7759-5462-8226" = Vuze
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Advanced Audio FX Engine" = Advanced Audio FX Engine
    "conduitEngine" = Conduit Engine
    "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
    "Dell Dock" = Dell Dock
    "Dell Webcam Central" = Dell Webcam Central
    "Giraffic" = Veoh Giraffic Video Accelerator
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "HP Photo Creations" = HP Photo Creations
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
    "Mozilla Firefox 14.0.1 (x86 en-GB)" = Mozilla Firefox 14.0.1 (x86 en-GB)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "NIS" = Norton Internet Security
    "Office14.Click2Run" = Microsoft Office Click-to-Run 2010
    "PartyPoker" = PartyPoker
    "SmartDraw 2012" = SmartDraw 2012
    "Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
    "Vuze_Remote Toolbar" = Vuze Remote Toolbar
    "WildTangent dell Master Uninstall" = WildTangent Games
    "WinLiveSuite" = Windows Live Essentials
    "Xvid_is1" = Xvid 1.2.1 final uninstall

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "6019B71A5A75B58CE85C0186950C1D941142E4EC" = TECIT.TBarCode.ExcelAddIn
    "F80C393CE1229535BC84582CD13B70388ABABEFC" = TECIT.TBarCode.WordAddIn
    "Octoshape Streaming Services" = Octoshape Streaming Services
    "William Hill CASINO CLUB" = William Hill CASINO CLUB

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 6/22/2012 5:36:26 AM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 6/23/2012 4:58:25 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 6/24/2012 5:12:28 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4622
    Description =

    Error - 6/27/2012 4:59:07 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 6/29/2012 5:18:02 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 7/3/2012 9:52:21 AM | Computer Name = aiden-PC | Source = CVHSVC | ID = 100
    Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
    DownloadLatest Failed: The operation timed out

    Error - 7/3/2012 5:00:08 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4622
    Description =

    Error - 7/5/2012 4:02:19 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 7/5/2012 4:13:47 PM | Computer Name = aiden-PC | Source = CVHSVC | ID = 100
    Description = Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}):
    DownloadLatest Failed: The server name or address could not be resolved

    Error - 7/5/2012 5:06:19 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 7/7/2012 5:08:22 PM | Computer Name = aiden-PC | Source = EventSystem | ID = 4621
    Description =

    [ Broadcom Wireless LAN Events ]
    Error - 7/19/2012 4:26:44 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 09:26:44, Thu, Jul 19, 12 Error - P2P: Failed to set APSTA mode

    Error - 7/19/2012 10:11:23 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 15:11:22, Thu, Jul 19, 12 Error - Unable to gain access to user store


    Error - 7/21/2012 8:19:38 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 01:19:38, Sun, Jul 22, 12 Error - Unable to gain access to user store


    Error - 7/22/2012 12:01:01 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 17:01:01, Sun, Jul 22, 12 Error - Unable to get current user admin
    status

    Error - 7/22/2012 12:10:38 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 17:10:38, Sun, Jul 22, 12 Error - Unable to get current user admin
    status

    Error - 7/22/2012 12:26:58 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 17:26:58, Sun, Jul 22, 12 Error - Unable to get current user admin
    status

    Error - 7/22/2012 1:42:58 PM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 18:42:58, Sun, Jul 22, 12 Error - Unable to get current user admin
    status

    Error - 7/23/2012 5:14:03 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 10:14:03, Mon, Jul 23, 12 Error - Unable to get current user admin
    status

    Error - 7/23/2012 5:15:47 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 10:15:47, Mon, Jul 23, 12 Error - Unable to get current user admin
    status

    Error - 7/23/2012 6:00:40 AM | Computer Name = aiden-PC | Source = WLAN-Tray | ID = 0
    Description = 11:00:40, Mon, Jul 23, 12 Error - Unable to get current user admin
    status

    [ Dell Events ]
    Error - 2/25/2011 7:37:34 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 3/8/2011 5:26:22 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 3/8/2011 5:26:22 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 5/18/2011 9:19:03 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 5/18/2011 9:19:03 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 9/1/2011 12:16:28 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 9/1/2011 12:16:28 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 11/10/2011 1:08:08 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 11/10/2011 1:08:08 PM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    Error - 11/13/2011 11:17:15 AM | Computer Name = aiden-PC | Source = DataSafe | ID = 17
    Description = The process was interrupted before completion.

    [ Media Center Events ]
    Error - 5/10/2011 10:44:06 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 03:44:06 - Error connecting to the internet. 03:44:06 - Unable
    to contact server..

    Error - 5/10/2011 10:44:16 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 03:44:11 - Error connecting to the internet. 03:44:11 - Unable
    to contact server..

    Error - 5/10/2011 11:44:20 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 04:44:20 - Error connecting to the internet. 04:44:20 - Unable
    to contact server..

    Error - 5/10/2011 11:44:26 PM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 04:44:25 - Error connecting to the internet. 04:44:25 - Unable
    to contact server..

    Error - 5/11/2011 12:44:31 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 05:44:31 - Error connecting to the internet. 05:44:31 - Unable
    to contact server..

    Error - 5/11/2011 12:44:37 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 05:44:36 - Error connecting to the internet. 05:44:36 - Unable
    to contact server..

    Error - 5/11/2011 1:44:42 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 06:44:42 - Error connecting to the internet. 06:44:42 - Unable
    to contact server..

    Error - 5/11/2011 1:44:48 AM | Computer Name = aiden-PC | Source = MCUpdate | ID = 0
    Description = 06:44:47 - Error connecting to the internet. 06:44:47 - Unable
    to contact server..

    [ System Events ]
    Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7003
    Description = The IKE and AuthIP IPsec Keying Modules service depends the following
    service: BFE. This service might not be installed.

    Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7003
    Description = The IPsec Policy Agent service depends the following service: BFE.
    This service might not be installed.

    Error - 7/23/2012 7:10:42 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7001
    Description = The Client Virtualization Handler service depends on the Application
    Virtualization Client service which failed to start because of the following error:
    %%1068

    Error - 7/23/2012 7:10:45 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    BHDrvx64 discache eeCtrl IDSVia64 spldr SRTSPX SymIRON SymNetS Wanarpv6

    Error - 7/23/2012 7:10:51 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
    Description =

    Error - 7/23/2012 7:10:58 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
    Description =

    Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
    Description =

    Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = DCOM | ID = 10005
    Description =

    Error - 7/23/2012 7:11:00 AM | Computer Name = aiden-PC | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Provider
    Host service which failed to start because of the following error: %%1068

    Error - 7/23/2012 7:11:01 AM | Computer Name = aiden-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
    Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll
    Error
    Code: 21


    < End of report >

    Hi guys
    Forgive my ignorance but I have a very limited knowlege of this area.How does one interpret this log?I scan my laptop with MSE and MBAM and run an adware extension on Google Chrome.Am I to understand that MBAM failed to remove adware(no action taken)?Where is it indicated that there is trojan virus???I have now installed OTL,superantispyware,cCleaner?Overkill?Not entirely sure what I should and should not do with them????


  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    You need to tell MBAM to fix the things it finds

    I have now installed OTL,superantispyware,cCleaner?Overkill?Not entirely sure what I should and should not do with them????
    You don't need OTL. With the others just run them once every few weeks. If they find anything let them fix it.


  • Registered Users Posts: 9,286 ✭✭✭seligehgit


    I realise that but I understand from the OP that MBAM failed to remove these suspicious programs after been instructed?


  • Advertisement
  • Site Banned Posts: 1,167 ✭✭✭ASJ112


    No it did remove the malware it found, the user just waited to confirm it with me before clicking Fix, which is why it shows up in the log as No action taken.


  • Closed Accounts Posts: 1,455 ✭✭✭RUCKING FETARD


    What sites are people picking up these viruses from???


  • Registered Users Posts: 1 Mum4Stressed


    It not people it's kids going on to things because it says it's FREE. Spent the last 4 hours trying to delete it out of my Reg. Kids are not grounded with no TV or computer. Humf


Advertisement