Welcome to Free PC Help, a free PC Help forum to get help with your computer problems.

Free PC Help is a community that offers free computer help and support for all users, all ages, worldwide.

In order to start asking questions or contribute on someone else's post you will first need to register. Don't worry - it's quick and easy and once you have registered you will have instant access to the entire forum.

If you do decide to join the forums you will not have the option to send Private Messages [ PMs ] or add a Signature until you have made 5 posts or more. This is an attempt to try to stop Spammers using the PM system or adding links to their Signature.

Register Log in

Series of (most probably) related issues on Vista PC.

L

ljordan

FPCH Member
Joined
Jun 8, 2011
Messages
13
Beginner
Hi all, having quite a few issues with my vista pc, and an currently stumped as to how to solve them. I was unsure whether this is a hardware issue or a software issue, but since i am able to do most of the things in safe mode that I cant do in normal mode, i presumed that it was more likely to be a software issue. Not quite sure where to start so ill just provide a description of my pc and a list of the current problems. Thanks for all the help you might be able to give.

PC description -

Windows 64 bit operating system
Intel quad processer Q6600 2.40 GHz
Nvidia 8800 gt

Problems -

- About 75% of the time the computer will freeze at some point after start up. This usually occurs when i open firefox. It doesnt crash or stop working, the cursor just displays a wheel and I cant click anything in firefox. If i try to click the taskbar, then that freezes and also displays a wheel - I am unable to close any programmes and so have to switch the computer off at the mains.
- Of the above 75% of the time, sometimes the computer will freeze completely. By this i mean nothing can be clicked, and the cursor simply displays an arrow.
- Of the times when firefox doesnt crash it may work for several hours and simply stop working, making the cursor display a wheel and losing all functionality
- Occasionally, no browser will open at all (yet oddly, other programmes seem to work fine)
- I am unable to install or uninstall any programme update, or driver.
- Upon startup I am notified that several programmes fail to start up, that they have stopped working, or that certain files are missing. These programmes are, apple synch notifier, commondo registry cleaner, occasionally logitech mouse and keyboard (although oddly, my keyboard and mouse still work when this happens). Once again, I assumed that this is something to do with the registry and so belongs in this forum.

Note - when i experience none of the problems when i start the computer in safe mode, except for the fact that i cannot use windows installer or install/unistall anything. Ive ran various virus and spyware checks with multiple registry cleaners, spydoctor (full version) and spyware search and destroy - all have come up clean, except for the registry cleaners, which tell me I need to pay to buy a full version to remove all the entries.

Ideally, I shouldnt want to reformat my computer unless absolutely necessary, and doing so would be currently impossible since the disk i need to do that is in a different location to where I am. Thats all I can think of at the moment, any help that anyone can give would be welcome as I'm quite a bit out of my depth here.

Thanks- Luke.
 
Last edited:
Hi and welcome to FpcH

Try "Last Known Good Configuration" from the Advanced Startup options ( where you selected Safe Mode fom ).

If this doesn't solve it....

Boot up.
Start > type in ....msconfig .....ENTER
Click on the Startup tab.
Uncheck everything EXCEPT the AntiVirus and Firewall entries,
OK the changes.

Reboot.
Let us know the result.

If this is recent you could tr System Restore to a date just prior to the start of your problem.

Also ...
Registry Cleaners - NOT a good idea.
The Registry is far to complex to entrust to a piece of software.
If it deletes the wrong keys your system can be rendered inoperable.
 
Thanks for all your help, the majority of my problems seem to have been fixed using your second suggestion. I have been able to uninstall several programmes, aswell as install a few more. However, my computer still refuses to shut down (I forgot to mention this in the first post), and hangs on the blue shutting down screen. I'm also unable to uninstall or modify certain programmes such as itunes. I'm told that when I try to uninstall some of these programmes that "the windows installer service could not be accessed". Other than that though, all the crashes seem to have been resolved and I'm happy that I can finally install other programmes. If you know of any way to solve the remaining problems, that would be great.
 
I downloaded malwarebytes and ran the scan a couple of times, but it froze each time i tried it. The computer was fine though, and i could just end the task via the task manager. Ill run the scan again and see if it works.
 
This is a cause for concern as it should run with no problems.

Try it in Safe Mode.
Switch on - constantly tap F8 about once per second.
Select Safe Mode from the list of options.
 
Tried a few times, was unable to start in safe mode. The system hung on the black screen that loads when safe mode comes up. The computer is running better than it has ever done in normal mode though.
 
You can't run MBAM or access Safe Mode.

I think I will ask Starbuck to have a look at this thread and see if it is worthwhile having a security expert advise you further.
 
The best I was able to do was a quick scan which revealved that there were indeed two infections. Ive still been unable to start the computer in safe mode, but ill keep trying. Ill post the log below.

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6818

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19048

11/06/2011 20:47:42
mbam-log-2011-06-11 (20-47-42).txt

Scan type: Quick scan
Objects scanned: 177193
Time elapsed: 3 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\program files (x86)\registry helper (Rogue.RegistryHelper) -> Quarantined and deleted successfully.

Files Infected:
c:\program files (x86)\registry helper\Starter.exe (Rogue.RegistryHelper) -> Quarantined and deleted successfully.

Thanks again, Luke.
 
Managed to get it to work in safe mode. Ran a scan, heres the log.

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6818

Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.6001.19048

11/06/2011 22:01:55
mbam-log-2011-06-11 (22-01-55).txt

Scan type: Full scan (C:\|)
Objects scanned: 399213
Time elapsed: 1 hour(s), 4 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Gill\Desktop\Games\stress reducers.exe (Joke.Stressreducer) -> Quarantined and deleted successfully.
 
I have sent a PM to Starbuck. He is usually away at weekends so please have a little patience until he gets to you :)
 
Thanks for the message Ken.
Two_thumbs_up.gif


Hi ljordan

Let's see if this throws up anything:

Download RogueKiller and save it to your desktop.
  • Close all the running processes
  • Double click RogueKiller icon to run the program
    Vista/Win7 users should right click the icon and select Run as Administrator.
  • When prompted, type 1 (SCAN) and then press Enter
  • A report will open, please copy and paste this report in your next reply.
A copy of the RKreport.txt can be found on your desktop.

Note:
If RogueKiller is blocked, do not hesitate to try running it again.
If it still fails to run, right click on the downloaded icon and select 'Rename'.....rename it to winlogon and try again.


Please post the RKreport.txt in your next reply.

Thanks
 
Hi, ran that scan you suggested. Got the following report.

RogueKiller V5.2.2 [06/05/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html

Operating System: Windows Vista (6.0.6001 Service Pack 1) 64 bits version
Started in : Normal mode
User: Gill [Admin rights]
Mode: Scan -- Date : 06/13/2011 02:19:08

Bad processes: 0

Registry Entries: 2
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

HOSTS File:
127.0.0.1 localhost
::1 localhost
127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com
127.0.0.1 1001-search.info
127.0.0.1 www.1001-search.info
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
[...]


Finished : << RKreport[1].txt >>
RKreport[1].txt



Thanks, Luke.
 
Hi ljordan

The 2 registry entries found, are nothing to worry about.
They are to do with shared folders on the system.

The Hosts file looks ok. ( all bad links are being redirected to your own system, as it should be)

There's nothing to suggest the problems you are experiencing.
If you want us to take a closer look for you:

  • Download OTL to your desktop.
    right click on the link and select 'Save Link/Target As'.

    if you have problems, try this download link:
    OTL
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check
.

.
Otllatest.png


  • Now copy the lines in bold below.

    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\*
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT

  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.

    scan-fix.png

    .
  • Click the Run Scan button.

    runscan.png

  • Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.

Thanks
 
Ok thanks - the otl.txt file

OTL logfile created on: 14/06/2011 12:41:02 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Gill\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 32.92% Memory free
6.20 Gb Paging File | 3.91 Gb Available in Paging File | 63.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 43.64 Gb Free Space | 18.74% Space Free | Partition Type: NTFS
Drive E: | 623.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LUKE-PC | User Name: Gill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Gill\Downloads\OTL.scr (OldTimer Tools)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\Program Files (x86)\ThreatFire\TFTray.exe (PC Tools)
PRC - C:\Program Files (x86)\ThreatFire\TFService.exe (PC Tools)
PRC - C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Program Files (x86)\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
PRC - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe ()
PRC - C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe ()
PRC - C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Program Files (x86)\Kontiki\KService.exe (Kontiki Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)


========== Modules (SafeList) ==========

MOD - C:\Users\Gill\Downloads\OTL.scr (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\PC Tools Security\PCTGMhk.dll (PC Tools)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe ()
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (gpsvc) -- C:\Windows\SysNative\svchost.exe ()
SRV - (RapportMgmtService) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (ThreatFire) -- C:\Program Files (x86)\ThreatFire\TFService.exe (PC Tools)
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (sdCoreService) -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (Browser Defender Update Service) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (sdAuxService) -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (ASKUpgrade) -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe ()
SRV - (ASKService) -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe ()
SRV - (HotspotShieldService) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
SRV - (HssSrv) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (KService) -- C:\Program Files (x86)\Kontiki\KService.exe (Kontiki Inc.)
SRV - (Macromedia Licensing Service) -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (nTuneService) -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)


========== Driver Services (SafeList) ==========

DRV:64bit: - (RapportKE64) -- C:\Windows\SysNative\Drivers\RapportKE64.sys ()
DRV:64bit: - (TfSysMon) -- C:\Windows\SysNative\drivers\TfSysMon.sys ()
DRV:64bit: - (TfNetMon) -- C:\Windows\SysNative\drivers\TfNetMon.sys ()
DRV:64bit: - (TfFsMon) -- C:\Windows\SysNative\drivers\TfFsMon.sys ()
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys ()
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys ()
DRV:64bit: - (pctgntdi) -- C:\Windows\SysNative\drivers\pctgntdi64.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys ()
DRV:64bit: - (pctplsg) -- C:\Windows\SysNative\drivers\pctplsg64.sys ()
DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys ()
DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys ()
DRV:64bit: - (pctEFA) -- C:\Windows\SysNative\drivers\pctEFA64.sys ()
DRV:64bit: - (pctDS) -- C:\Windows\SysNative\drivers\pctDS64.sys ()
DRV:64bit: - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\SysNative\DRIVERS\tap0901t.sys ()
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\DRIVERS\hamachi.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys ()
DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\DRIVERS\mcdbus.sys ()
DRV:64bit: - (RMCAST) RMCAST (Pgm) -- C:\Windows\SysNative\DRIVERS\RMCAST.sys ()
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys ()
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys ()
DRV:64bit: - (LMouKE) -- C:\Windows\SysNative\DRIVERS\LMouKE.Sys ()
DRV:64bit: - (L8042mou) -- C:\Windows\SysNative\DRIVERS\L8042mou.Sys ()
DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\DRIVERS\L8042Kbd.sys ()
DRV:64bit: - (ElbyDelay) -- C:\Windows\SysNative\Drivers\ElbyDelay.sys ()
DRV:64bit: - (RTL85n64) -- C:\Windows\SysNative\DRIVERS\RTL85n64.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV - (RapportPG64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys (Trusteer Ltd.)
DRV - (RapportEI64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys (Trusteer Ltd.)
DRV - (RivaTuner64) -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys ()
DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (ElbyDelay) -- C:\Windows\SysWOW64\drivers\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (Klmc) -- C:\Windows\SysWOW64\drivers\klmc.sys (Kaspersky Lab)
DRV - (Klif) -- C:\Windows\SysWOW64\drivers\klif.sys (Kaspersky Labs)
DRV - (Klin) -- C:\Windows\System32\drivers\klin.sys (Kaspersky Labs)
DRV - (Klick) -- C:\Windows\System32\drivers\klick.sys (Kaspersky Labs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=antn&s={searchTerms}&f=4

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=antn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://start.facemoods.com/?a=antn"
FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:2.0.6
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4cd576eb&v=6.010.006.004&i=29&tp=ab&iy=&ychte=uk&lng=en-GB&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\FireFox\ [2011/02/08 01:23:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/04 13:50:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/04 13:50:01 | 000,000,000 | ---D | M]

[2008/06/17 21:58:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gill\AppData\Roaming\mozilla\Extensions
[2011/06/06 16:00:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gill\AppData\Roaming\mozilla\Firefox\Profiles\e7082dhv.default\extensions
[2009/09/03 15:28:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Gill\AppData\Roaming\mozilla\Firefox\Profiles\e7082dhv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/06 16:00:49 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Gill\AppData\Roaming\mozilla\Firefox\Profiles\e7082dhv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/05/04 14:59:38 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Gill\AppData\Roaming\mozilla\Firefox\Profiles\e7082dhv.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/08/15 20:43:44 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Gill\AppData\Roaming\mozilla\Firefox\Profiles\e7082dhv.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011/02/08 01:30:10 | 000,002,696 | ---- | M] () -- C:\Users\Gill\AppData\Roaming\Mozilla\Firefox\Profiles\e7082dhv.default\searchplugins\search-defender.xml
[2011/05/04 13:50:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\USERS\GILL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E7082DHV.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
[2011/04/14 17:41:09 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2011/02/28 20:53:04 | 000,002,047 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchantn.xml
[2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2008/02/04 22:55:49 | 000,224,358 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 7874 more lines...
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe (PC Tools)
O4 - Startup: C:\Users\Gill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab (CDownloadCtrl Object)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemrequirementslab.com/sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Gill\Documents\hudf_150dpi.jpg
O24 - Desktop BackupWallPaper: C:\Users\Gill\Documents\hudf_150dpi.jpg
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [1996/11/07 18:19:30 | 000,450,560 | R--- | M] () - E:\automenu.exe -- [ CDFS ]
O32 - AutoRun File - [1999/10/07 19:11:58 | 000,011,902 | R--- | M] () - E:\autorun.apm -- [ CDFS ]
O32 - AutoRun File - [1999/02/03 03:02:00 | 000,167,936 | R--- | M] (Indigo Rose Corporation) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [1999/04/15 15:40:06 | 000,000,029 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{549fe2b5-9230-11e0-a913-0011f57695d8}\Shell - "" = AutoRun
O33 - MountPoints2\{549fe2b5-9230-11e0-a913-0011f57695d8}\Shell\AutoRun\command - "" = E:\autorun.exe -- [1999/02/03 03:02:00 | 000,167,936 | R--- | M] (Indigo Rose Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe - (Logitech Inc.)
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe - (Logitech, Inc.)
MsConfig:64bit - StartUpFolder: C:^Users^Gill^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: kdx - hkey= - key= - C:\Program Files (x86)\Kontiki\KHost.exe (Kontiki Inc.)
MsConfig:64bit - StartUpReg: Kernel and Hardware Abstraction Layer - hkey= - key= - C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
MsConfig:64bit - StartUpReg: NvCplDaemon - hkey= - key= - C:\Windows\SysNative\rundll32.exe ()
MsConfig:64bit - StartUpReg: NVIDIA nTune - hkey= - key= - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
MsConfig:64bit - StartUpReg: NvMediaCenter - hkey= - key= - C:\Windows\SysNative\rundll32.exe ()
MsConfig:64bit - StartUpReg: NvSvc - hkey= - key= - C:\Windows\SysNative\rundll32.exe ()
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Sidebar - hkey= - key= - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/06/13 02:19:08 | 000,000,000 | ---D | C] -- C:\Users\Gill\Desktop\RK_Quarantine
[2011/06/12 00:52:46 | 000,000,000 | ---D | C] -- C:\Users\Gill\Desktop\allied disk
[2011/06/11 23:47:05 | 000,000,000 | ---D | C] -- C:\Users\Gill\Desktop\EA Games
[2011/06/09 20:48:27 | 000,000,000 | ---D | C] -- C:\Users\Gill\Desktop\XP_Patch
[2011/06/09 20:46:17 | 000,000,000 | ---D | C] -- C:\Games
[2011/06/09 20:45:46 | 000,000,000 | ---D | C] -- C:\TBRASetup
[2011/06/09 12:28:40 | 000,000,000 | ---D | C] -- C:\Users\Gill\AppData\Roaming\Malwarebytes
[2011/06/09 12:28:27 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/09 12:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/09 12:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/09 12:28:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/09 05:22:00 | 000,000,000 | ---D | C] -- C:\Users\Gill\Documents\RedAlert1_AlliedDisc
[2011/06/09 02:21:36 | 000,000,000 | ---D | C] -- C:\Users\Gill\AppData\Roaming\WinRAR
[2011/06/09 02:21:36 | 000,000,000 | ---D | C] -- C:\Users\Gill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/09 02:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/09 02:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/06/09 01:43:30 | 000,000,000 | ---D | C] -- C:\Users\Gill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2011/06/09 01:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2011/06/09 01:27:24 | 000,000,000 | ---D | C] -- C:\Users\Gill\{b82e5b3e-408d-4c0e-b756-9a781c14568b}
[2011/06/09 01:08:38 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/06/08 18:44:27 | 000,000,000 | ---D | C] -- C:\Users\Gill\{3fc1cb4a-f134-4f86-ae0f-64cdbd1f84a3}
[2011/06/08 18:44:26 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2011/06/08 18:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc
[2011/06/08 17:51:42 | 000,000,000 | ---D | C] -- C:\Users\Gill\{b6f5e937-d964-4e58-9668-db7a533453ff}
[2011/06/08 17:51:37 | 000,000,000 | ---D | C] -- C:\Users\Gill\Documents\Tunngle
[2011/06/08 17:51:37 | 000,000,000 | ---D | C] -- C:\Users\Gill\AppData\Roaming\Tunngle
[2011/06/08 17:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle
[2011/06/08 17:51:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2011/06/08 17:51:28 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2011/06/08 17:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tunngle
[2011/06/07 17:28:16 | 000,000,000 | ---D | C] -- C:\ad8f3568418353640f9dbfa9e559
[2011/05/28 19:12:27 | 000,000,000 | ---D | C] -- C:\a21489a318c8a4277ba932
[2011/05/23 12:53:44 | 000,000,000 | ---D | C] -- C:\8d6501e2b89a5600342a0b24a2c1
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Gill\Documents\*.tmp files -> C:\Users\Gill\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/14 12:46:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{947F2976-1144-4A50-B1C3-84F7A01DC0E4}.job
[2011/06/14 12:40:17 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/14 12:39:10 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/06/14 12:33:58 | 000,003,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 12:33:58 | 000,003,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 12:33:57 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/14 12:33:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/14 12:33:47 | 3219,709,952 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/12 00:19:07 | 000,001,090 | ---- | M] () -- C:\Users\Gill\Desktop\Game - Shortcut.lnk
[2011/06/09 20:46:21 | 000,000,000 | ---- | M] () -- C:\MAIN.MIX
[2011/06/09 18:41:24 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/06/09 12:28:27 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/09 01:46:08 | 000,790,054 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/09 01:46:08 | 000,667,982 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/09 01:46:08 | 000,133,210 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/09 01:43:30 | 000,000,828 | ---- | M] () -- C:\Users\Gill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2011/06/09 01:43:30 | 000,000,792 | ---- | M] () -- C:\Users\Gill\Desktop\MagicDisc.lnk
[2011/06/09 01:39:59 | 000,000,792 | ---- | M] () -- C:\Users\Gill\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2011/06/09 01:39:59 | 000,000,768 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2011/06/08 17:54:45 | 000,293,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/07 11:36:45 | 000,000,000 | ---- | M] () -- C:\Users\Gill\AppData\Local\{8D906D26-82F1-4618-960A-0B6BBCD6D0D6}
[2011/06/06 21:43:32 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2011/06/03 23:09:34 | 000,000,000 | ---- | M] () -- C:\Users\Gill\AppData\Local\{854C6583-12DC-4602-92A6-A88B259211DB}
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Users\Gill\Documents\*.tmp files -> C:\Users\Gill\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/12 00:19:07 | 000,001,090 | ---- | C] () -- C:\Users\Gill\Desktop\Game - Shortcut.lnk
[2011/06/11 22:03:02 | 3219,709,952 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/09 20:46:21 | 000,000,000 | ---- | C] () -- C:\MAIN.MIX
[2011/06/09 20:36:24 | 654,348,288 | ---- | C] () -- C:\Users\Gill\Desktop\CD1_ALLIED_DISC.ISO
[2011/06/09 12:28:27 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/09 12:28:23 | 000,025,912 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2011/06/09 01:43:30 | 000,000,828 | ---- | C] () -- C:\Users\Gill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2011/06/09 01:43:30 | 000,000,792 | ---- | C] () -- C:\Users\Gill\Desktop\MagicDisc.lnk
[2011/06/08 18:44:26 | 000,255,552 | ---- | C] () -- C:\Windows\SysNative\drivers\mcdbus.sys
[2011/06/08 17:51:29 | 000,031,232 | ---- | C] () -- C:\Windows\SysNative\drivers\tap0901t.sys
[2011/06/08 17:51:29 | 000,000,792 | ---- | C] () -- C:\Users\Gill\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2011/06/08 17:51:29 | 000,000,768 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2011/06/07 11:36:45 | 000,000,000 | ---- | C] () -- C:\Users\Gill\AppData\Local\{8D906D26-82F1-4618-960A-0B6BBCD6D0D6}
[2011/06/03 23:09:34 | 000,000,000 | ---- | C] () -- C:\Users\Gill\AppData\Local\{854C6583-12DC-4602-92A6-A88B259211DB}
[2011/02/08 01:23:23 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/11/12 20:37:43 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2009/09/15 15:57:26 | 000,001,356 | ---- | C] () -- C:\Users\Gill\AppData\Local\d3d9caps.dat
[2008/07/22 12:49:04 | 000,000,092 | ---- | C] () -- C:\Users\Gill\AppData\Local\fusioncache.dat
[2008/07/22 12:37:29 | 000,735,162 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/06/06 16:39:15 | 000,000,976 | ---- | C] () -- C:\Windows\eReg.dat
[2008/05/22 23:22:18 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/05/22 23:18:54 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
[2008/04/13 12:08:26 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2008/02/24 20:26:17 | 003,049,984 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2008/02/24 20:26:17 | 000,404,480 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2008/02/24 20:26:17 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2008/02/24 20:26:17 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2008/02/02 00:29:16 | 000,052,224 | ---- | C] () -- C:\Users\Gill\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/16 17:10:59 | 000,000,732 | ---- | C] () -- C:\Users\Gill\AppData\Local\d3d9caps64.dat
[2007/12/24 19:49:52 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2007/12/12 18:45:25 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/12/12 18:45:17 | 000,100,043 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2007/12/12 18:45:15 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/03/12 13:01:30 | 000,273,408 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2007/03/10 12:51:48 | 000,282,624 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2007/02/06 01:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 16:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 13:26:55 | 000,018,271 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2006/11/02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/02/25 19:09:38 | 000,774,144 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[1996/02/23 22:34:48 | 000,014,629 | ---- | C] () -- C:\Windows\SysWow64\Declw.dll
[1996/02/22 20:09:20 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\Decln.dll

========== LOP Check ==========

[2011/05/13 01:10:14 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\.minecraft
[2008/07/22 12:38:14 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\2K Games
[2011/02/28 21:24:24 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\Azureus
[2009/07/20 20:12:38 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\blinkx
[2011/02/28 20:53:04 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\ChemTable Software
[2008/06/12 11:35:03 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\Command & Conquer 3 Kane's Wrath
[2008/08/19 20:02:11 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011/02/21 16:40:15 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\Dropbox
[2011/01/17 21:57:40 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\eBookPro6
[2011/01/17 21:57:48 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\GetRightToGo
[2011/06/09 01:57:10 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\GlarySoft
[2011/05/04 13:36:02 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\PCTools
[2009/03/27 18:22:14 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\Red Alert 3
[2008/08/12 14:11:03 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\Red Alert 3 Beta
[2011/02/28 20:40:24 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\Registry Mechanic
[2008/09/06 13:32:59 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\SPORE
[2008/09/05 22:37:25 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\SPORE Creature Creator
[2010/08/03 13:05:22 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\SystemRequirementsLab
[2011/01/20 22:23:10 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\Trusteer
[2011/05/04 14:15:16 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\TuneUpMedia
[2011/06/12 19:34:53 | 000,000,000 | ---D | M] -- C:\Users\Gill\AppData\Roaming\Tunngle
[2011/02/28 20:33:53 | 000,000,264 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2011/05/03 22:47:40 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/06/14 12:46:00 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{947F2976-1144-4A50-B1C3-84F7A01DC0E4}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008/01/19 08:45:45 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008/01/16 20:58:46 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2008/02/24 20:32:53 | 000,009,833 | ---- | M] () -- C:\Cucu_Video_log.txt
[2011/06/14 12:33:47 | 3219,709,952 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/03 13:07:54 | 000,012,125 | ---- | M] () -- C:\hs_err_pid5460.log
[2008/08/01 17:00:27 | 000,000,102 | ---- | M] () -- C:\LevelParTimes.csv
[2011/06/09 20:46:21 | 000,000,000 | ---- | M] () -- C:\MAIN.MIX
[2006/12/02 00:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2011/06/14 12:33:46 | 3533,447,168 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/12/23 13:43:08 | 000,171,520 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wintrust.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\* >
[2008/06/07 02:42:39 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/04/14 17:41:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/04/14 17:41:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/04/14 17:41:11 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2011/04/14 17:41:09 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2011/04/14 17:41:09 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2011/04/14 17:41:09 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2011/06/06 06:28:58 | 001,011,768 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2011/06/06 06:28:58 | 001,011,768 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/06/06 06:28:58 | 001,011,768 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2011/06/06 06:28:58 | 001,011,768 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -hide [2011/02/22 05:43:42 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -show [2011/02/22 05:43:42 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -reinstall [2011/02/22 05:43:42 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/02/22 07:21:12 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/02/22 07:21:12 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Safari\Safari.exe" /reinstall [2008/06/17 16:16:14 | 003,463,976 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /hideicons [2008/06/17 16:16:14 | 003,463,976 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Safari\Safari.exe" /showicons [2008/06/17 16:16:14 | 003,463,976 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files (x86)\Safari\Safari.exe" [2008/06/17 16:16:14 | 003,463,976 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/02/22 06:15:33 | 000,070,656 | ---- | M] ()
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/02/22 06:15:33 | 000,070,656 | ---- | M] ()
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/02/22 06:15:33 | 000,070,656 | ---- | M] ()
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/02/22 07:21:12 | 000,638,232 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/02/22 07:21:12 | 000,638,232 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 195 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
 
The extras.txt file.

OTL Extras logfile created on: 14/06/2011 12:41:02 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Gill\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 32.92% Memory free
6.20 Gb Paging File | 3.91 Gb Available in Paging File | 63.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 43.64 Gb Free Space | 18.74% Space Free | Partition Type: NTFS
Drive E: | 623.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LUKE-PC | User Name: Gill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l ()
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 90 44 84 54 3F C8 C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04454B1B-CEB0-40B1-9EE8-1AD116A120EF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{05748618-F2B2-41C9-A392-1BDDF330CA6E}" = lport=3702 | protocol=17 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{12D4D372-8BEC-4660-98A7-D25F08E61A5B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2195F25B-4395-4BE1-AE34-9F97CC2CC487}" = rport=10244 | protocol=6 | dir=out | app=system |
"{259CEDDB-9102-461C-A974-7A07648CFD1B}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{293BC4DF-9451-4214-AAC6-61FFA8440FD8}" = rport=3702 | protocol=17 | dir=out | svc=bits | app=c:\windows\system32\svchost.exe |
"{2F21B8B2-09A0-4084-A16C-1F6D6985E7A0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2FD989A7-25BF-4F23-A734-EE167BF75F23}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{30504BA7-11A1-4906-85DE-8257D7E8A2CC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{321413CF-056B-4A0E-B779-F62905051F8D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D29000A-B3D0-42C4-A0B0-0E0A117990E5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{42D45D0B-808C-427E-923E-AD7314601DF4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{44648BE1-1992-42E1-8345-68E1263269D2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{466182AA-A6CE-4165-9D2B-8BF54459CC1D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4822EA0A-5098-4054-A56E-2441FF3D4843}" = rport=2178 | protocol=6 | dir=out | app=system |
"{48AB99F2-05DF-4F50-BAA5-3218E604C34D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{49884EB7-BC94-4296-ACA1-75C43572D93E}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4D2382CD-7F25-4050-A4E5-34FC1D1B6735}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4EA1FD8C-0158-4473-81BE-402D4B53931C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{52AC8FD8-22C1-438C-8D21-598AEE90C5F9}" = lport=rpc | protocol=6 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{532F19C5-59C8-4BF4-80E1-ECB2B0021227}" = rport=2869 | protocol=6 | dir=out | app=system |
"{5C5872DF-1FB9-4BA7-BC51-239DE3824DE2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6503E575-0F1E-4320-9BAC-22EB3AA0D88F}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{78162531-67EC-4E24-95B1-D8848CF2D059}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B56CAB2-16C8-4DB9-9DF9-3DECF00F6446}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{7BD1431B-49A2-473C-905C-89A950A8AE57}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{86ABD41A-851F-4858-9234-2D0EB8D22F9C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8A7A8FC1-074A-4A7E-8F6C-16B2DF43A200}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B5002F0-257E-4880-944C-957EA583F2C8}" = rport=10244 | protocol=6 | dir=out | app=system |
"{8D4018E7-F85F-4DFA-B638-E461764789D2}" = lport=2178 | protocol=6 | dir=in | app=system |
"{922CC534-482D-432C-83F3-1F15B81FA8DE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9AFA6AB0-5EF9-414C-9F7C-8AFEC5DA1129}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{9C2DD3D8-26A4-4516-8B32-D09A54EDE3F0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9EB94EED-C62E-42EA-A272-BD7EEF6413B6}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{A186686A-8659-45A4-A42A-6C71E9768685}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A23C5AC4-5DAE-48F4-93CC-D98CE92495B2}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{A444F0C9-AE74-4736-87E7-D8CC9EE2CABA}" = lport=10244 | protocol=6 | dir=in | app=system |
"{AC05D5AB-F080-4DFF-AFD5-726CBC2AC7F2}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
"{B6263804-1AA3-444E-AD0A-07F6AC9EE6C2}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B693F5B4-E0CD-43B5-A0C4-89EAE234B9D8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B9DA3941-5B25-472D-A5EB-3FA50F70D9B6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C735A5DE-9D30-47F3-A871-BA6D8ADEF495}" = lport=3390 | protocol=6 | dir=in | app=system |
"{CBEFE5DA-EDDE-4CD3-B65E-B78EFF915931}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{CC5C7EB0-5D8B-4DF8-BC25-87F2B9948ED1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D3B594B4-842A-48B7-9F65-1BE4B7B5F5D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D6E5424D-DBBD-47C4-AE45-8F84CF12A466}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D7C79722-C539-4F3D-85D0-6D912F7D72C1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC45D307-0E3E-4EED-BE36-01935B89ED7B}" = lport=10244 | protocol=6 | dir=in | app=system |
"{F0F9FF11-00A4-4169-949D-E24F71CC58F4}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{F16159A3-BBA0-4A43-8663-97562524F0A2}" = lport=3390 | protocol=6 | dir=in | app=system |
"{F735C835-3CFD-494B-B5CB-9120FEC4D888}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FBB76F75-E4CE-46F6-9255-9DD0038D6B77}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FCB92B01-D1EF-4FBF-9372-468BB4D6B882}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CBB940-F989-48F6-8C1E-A191EABDD8CB}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander - forged alliance\bin\forgedalliance.exe |
"{021A4F6F-0038-4340-98FE-3653A5068023}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{02367ABD-2C9A-402C-BC67-96850EB944BB}" = dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"{02E55F7F-49BD-47E8-B2DF-3B0C4B31051B}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic_ds.exe |
"{09575E6E-82A6-4A0A-A518-1DF873C6943D}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic_ds.exe |
"{0AB9DDB0-CB0E-4D68-9D4C-E535857E495D}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{0C98B1C7-582F-4B18-8A01-04905B097DB7}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{0CBF385A-D6BF-4223-81C2-74C2AD00545E}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic.exe |
"{0DEDB192-BFE4-4B4B-A5B3-92407BA7407F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{0E2F7BCF-3C2B-49FF-9AC1-D262359CC83D}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{13B853B6-22D5-45FA-B833-29EB914439B2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1605CDC1-AED0-47BE-97E6-59B8E66F2E4B}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{17041CF5-69EA-44A4-9361-55944F6C4302}" = protocol=6 | dir=in | app=c:\users\gill\appdata\roaming\dropbox\bin\dropbox.exe |
"{17183E7B-A1B2-4A6A-B137-7E3D084C26C4}" = protocol=17 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe |
"{1B56699A-E44F-4E37-87B1-E490C7FC82CA}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{1C97B409-87D1-4A16-AB80-B6F1412BC7F3}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{22C330ED-2DCB-4AF2-BA44-8EE457C56B91}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2A400E37-CB3A-4A67-A4CB-C5C359B95609}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2A62E57B-3044-410B-B861-8D4BDF5FF0B9}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{2C9EC4CC-7C2E-4224-9309-519EBE460CF9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{37924BED-A411-46E7-B27B-31A18D57FBCF}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3BBCD54E-8031-47B5-8462-3AE17A9461AD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3D87CBD6-C735-4A04-8727-C7707EBD0448}" = dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.1\cnc3ep1.dat |
"{41FD1CCF-E44D-49C1-9748-F73704191D11}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{466A5363-7D6F-4482-9F1B-5F2B8E6C8335}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4A0CCD6F-6975-4C4A-BC5F-B49AB7E0753F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4A796959-0ABA-49A2-A59C-1E051DC593DC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4E18708B-476B-4B87-8738-E20D53D3FC6A}" = protocol=17 | dir=in | app=c:\users\gill\appdata\roaming\dropbox\bin\dropbox.exe |
"{56E3D0A3-60FC-4CB3-A67E-A68F597CB3CB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5935A222-2389-46BD-AFAC-70EC1A7FF906}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{5A21D8F7-93C0-47D9-A023-3136477E0D6D}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{5E6F57F0-B445-4305-A225-3FC7531E60C3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6522F94F-8622-49B5-869A-5CBA57B17084}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6A0B1A39-9E12-4CBA-A057-9E91F6534D2C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6AFCD639-CDCE-4DF3-B590-B561618CA1A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C1DDB6C-C780-4B5D-92F7-D98D3898E08D}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic.exe |
"{6C56F9DB-E8FB-4750-A674-96DCDECEA72D}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{71BFABA4-FD76-4C82-91B3-A430DA49F3D8}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{744E3F08-3DD6-4531-B48F-CAB7805A410E}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{753F21DA-F1D1-40C1-95EC-133222216855}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{766C9972-5B3B-4685-ACC0-4C586904DF52}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{775B6153-0213-402C-A064-12861702B545}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{77C5FBD1-8CAC-483C-9EB7-4B169BFFD080}" = protocol=17 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe |
"{785F7087-EC59-47FB-828C-3FCAFD1F169E}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{79DAB1B7-5092-4934-84B9-641EF94439F9}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic_online.exe |
"{80E64483-E5F0-4752-99DC-9BFF4ECEECBD}" = protocol=6 | dir=in | app=c:\program files (x86)\kontiki\kservice.exe |
"{86264DC4-1094-49A5-9CCB-EFCBBA197D38}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{86F8B203-B56A-4A76-9A52-9C1AC8A57AFE}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{8D5F1F83-EA38-447A-A393-B59DEC5EE232}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8DFE1B53-5D83-463F-A846-2898622BDD51}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{8EB17E3B-4A5B-4A31-B530-5D37434E6DC3}" = protocol=17 | dir=in | app=c:\program files (x86)\kontiki\kservice.exe |
"{91DA049F-53FB-436F-98BC-4D6B1154F74D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9CB6AE10-3562-4689-87C3-A9E5FB0E29F1}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{9E6090BB-85C5-49E9-A531-6F9D9FF24F33}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A618413A-2E9C-483F-BD35-3EBC93334CD7}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{ABDECB86-9828-4EE7-9B7B-8949FD735383}" = protocol=6 | dir=out | app=system |
"{AD1D22D4-E344-4693-99BB-BA7C24663BC9}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{B1502BDB-F5B6-4C09-828E-BA0B505A49D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B3FA5519-501E-4877-9626-C80EC7E64C47}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{B6668E2D-598E-475A-87AE-4450447DDE94}" = protocol=17 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe |
"{B7794E01-DC57-476E-91E3-4DB35B1B908E}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B7BAC4D1-61F4-4C17-83D1-5948DEADC7D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BC1E252B-C23D-4692-BD71-00B75C6C7C2C}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{C3D6BFD6-85D9-413B-857C-C65D8F913F69}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{C8A7A273-B6D4-4142-96C2-F00B0FDFD44E}" = protocol=6 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe |
"{CFE4B0D4-BFB4-45F6-B515-80B756BC21F9}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{D1304231-91DE-4855-8BC8-E572A28DD1B7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D4C51E4D-168E-4BFF-8484-6889508CCCF1}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{D9AA7ED4-DCC6-4AD8-9B7B-46F235C56049}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB0672F4-77F1-4957-A3E5-A0E42B6987FF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DBCFBAD7-F3AC-43A5-8830-6D980FBB9B3C}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{DD4A01B8-60D6-43EF-B3BD-0556BC716B12}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander - forged alliance\bin\forgedalliance.exe |
"{DF221444-F9F9-4B63-87E4-BD9B3222F587}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{E158BE96-489F-41A0-A33C-6CDEF9EF97BA}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{E16895FE-1CF7-481D-85F5-B15A579BB0B7}" = protocol=6 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe |
"{E80B2C95-C017-4C42-9223-26969FDD7B75}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{EA082D3C-1E97-40F0-B804-4F3EC827481D}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic_online.exe |
"{EA663305-1723-4FE0-8A58-C6EE136500C5}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{F5122D6B-A96E-4CD1-91AC-4E3810C73994}" = protocol=6 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe |
"{FB8C00EB-6CDF-4501-B148-3F69C8F999CA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FCCA756F-86AA-4CE4-8B8D-2CAED30A90D6}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{FD4B5303-1E1F-4BBE-8507-BCE444A3631E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"TCP Query User{00DF9888-CC65-4143-ADC2-3A65E77F5B1D}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{09156CEA-8B17-4251-A1F7-BAC7CE4F4052}C:\program files (x86)\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"TCP Query User{0A801C87-8AE9-4769-B20E-904CA9AF2F24}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game |
"TCP Query User{0F1B10C8-E5AB-47AD-B9A9-2BB68C0409CA}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game |
"TCP Query User{137659F1-2767-4516-988F-947FFE69078F}C:\program files (x86)\defcon\defcon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\defcon\defcon.exe |
"TCP Query User{1BEF415A-7143-4BA5-B0D4-D98350028E95}C:\program files (x86)\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"TCP Query User{2034BD15-0664-499A-9575-6765100CE7CE}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.0.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.0.game |
"TCP Query User{271CCF05-4733-41B7-BDC0-F5AA57A9312B}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"TCP Query User{31CD180E-887F-4964-ADBF-55AA347B779A}C:\program files (x86)\ea games\red alert 3 beta\retailexe\1.2\ra3game.dat" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\red alert 3 beta\retailexe\1.2\ra3game.dat |
"TCP Query User{39D921BD-DCEA-4115-990A-5A2A71126B73}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{4D7574CC-5056-4A7B-AFA2-2E64F41745F8}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{5D98EF6A-ED40-47D2-B9FF-25285E50D7CF}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game |
"TCP Query User{64CBB57B-9E15-468C-847C-45AF2104C480}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{714CE16B-B105-4AB5-93A7-40ADBA499DE9}C:\westwood\ra2\gamemd.exe" = protocol=6 | dir=in | app=c:\westwood\ra2\gamemd.exe |
"TCP Query User{770535FC-E973-4958-BDCA-A9D468E62237}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{83689605-B9D2-4648-B010-DAA834B054F5}C:\program files (x86)\sega\universe at war earth assault (demo)\uawea.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sega\universe at war earth assault (demo)\uawea.exe |
"TCP Query User{87BE12F1-E1DA-45D8-B9DB-6D3A87A939E1}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{89ED09A5-3314-4736-BA17-F61502985CCA}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{9A8FAF4B-671E-47E0-B56C-4D892CD09A45}C:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"TCP Query User{AD310B80-9388-4403-930F-0C0DE57BE2F1}C:\program files (x86)\blinkx\blinkx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |
"TCP Query User{B1D545B6-DD48-4E91-81B3-79051BAB1AD2}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{BB09174A-382C-42CA-9457-3AC942C8F81B}C:\program files (x86)\defcon\defcon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\defcon\defcon.exe |
"TCP Query User{C3855681-160F-454C-8083-203C9B1171E4}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"TCP Query User{C66C26EC-AC48-4373-B2C1-A41E22B5A7A7}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{CB077D4E-24BC-4E70-A4B0-F2A20BF731AA}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{D25583EC-C0D8-445C-82ED-7B2251E62524}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{D7FB63D1-60A8-4C8B-99F8-DF79590D2540}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game |
"TCP Query User{DACBB89B-B888-4FD6-90A4-53706910BD59}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{DE5AC0FA-D4AA-4DCF-A1EA-BCE06F746CA9}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{E094EA4C-0713-4A39-BBBF-E047C570F7E0}C:\program files (x86)\blinkx\blinkx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |
"TCP Query User{E3EAD1F2-D4B0-4440-A041-F589DC95D6B7}C:\westwood\ra2\gamemd.exe" = protocol=6 | dir=in | app=c:\westwood\ra2\gamemd.exe |
"UDP Query User{0D420FB6-B3A1-4E20-9BB3-EC28AC9AF817}C:\program files (x86)\ea games\red alert 3 beta\retailexe\1.2\ra3game.dat" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\red alert 3 beta\retailexe\1.2\ra3game.dat |
"UDP Query User{0FFD8987-389B-4663-B1E6-86139EDA9BD2}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"UDP Query User{103539B8-B0DD-45EC-9884-4298A83A9844}C:\program files (x86)\sega\universe at war earth assault (demo)\uawea.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sega\universe at war earth assault (demo)\uawea.exe |
"UDP Query User{293781E0-8590-4EB0-B658-D356A39208CD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{2C854E25-143E-438C-BA94-FCE2C6D6F52D}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{2F2C2AF5-D97E-4E5E-AE2B-4EACE25FF916}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{3612A75C-A7C3-4C0E-98D7-F15705539279}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{3BB4E487-89B2-4922-9D92-3B86BE02D79E}C:\program files (x86)\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"UDP Query User{3E424C5E-3948-44C1-8D8F-C350A140B4A1}C:\program files (x86)\blinkx\blinkx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |
"UDP Query User{49DE1576-DE2D-4C12-A5C6-F789258D06CA}C:\program files (x86)\defcon\defcon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\defcon\defcon.exe |
"UDP Query User{595AF5C6-3188-41F0-B5CC-E810B8C392ED}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game |
"UDP Query User{63F52BB8-1160-49C1-8498-8673A9E4905E}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game |
"UDP Query User{67BDF871-2EAD-4E80-9778-31F50437AC38}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{681485CD-3B49-48EE-A1FB-03EC53C5B447}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game |
"UDP Query User{73ADB552-896D-4D66-B81A-014EA1430DB9}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{7AB100E3-3856-43C3-ADB2-46084E91B84E}C:\westwood\ra2\gamemd.exe" = protocol=17 | dir=in | app=c:\westwood\ra2\gamemd.exe |
"UDP Query User{7B7E3C0C-69AE-45AB-8BF6-FE9CA5B55327}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{7BE9CBCD-F1E7-4523-9E07-2F24D774FAD1}C:\program files (x86)\blinkx\blinkx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |
"UDP Query User{7CBB746C-CD23-4950-A03C-EE72317D4981}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game |
"UDP Query User{7F0088BB-454F-4E1D-9A49-139FED697626}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{86CD479A-7B58-4F6D-8DA4-8E0B66C033A5}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{8E681437-DAD8-4951-A032-F58CBE326628}C:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"UDP Query User{972DCCCE-8028-4898-A5AB-E20D54E4D356}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{975A4BD1-B937-4452-B744-0E2E41CACF94}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{9AB1262C-9663-4366-805A-A899B3EF22C4}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{9D609BA7-CEDE-4D83-9776-7045CFF8DB77}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{BCD084DF-4405-44E7-A890-353976069CF6}C:\program files (x86)\defcon\defcon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\defcon\defcon.exe |
"UDP Query User{E2E8A752-6511-47CC-B555-B36039E46860}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.0.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.0.game |
"UDP Query User{E55DF367-56B9-4898-BF74-AECAB77C32BB}C:\program files (x86)\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"UDP Query User{F02F62D1-4B97-4283-8B72-CAA4210F802F}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{FC69E38D-F97C-4BDD-A111-9E42158C6068}C:\westwood\ra2\gamemd.exe" = protocol=17 | dir=in | app=c:\westwood\ra2\gamemd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{4174CFCC-49C1-478B-9D83-3F7BE61CBBDF}" = 64-bit MathLink Libraries (6.0.2.1009485)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B6EFD9A5-2ECE-4C22-BAEC-D16E73EA2013}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{14C35072-D7D0-4B29-B5BF-C94E426D77E9}" = Sky Broadband
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31D95937-B237-405D-920C-A3EF4E482395}" = Supreme Commander - Forged Alliance
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{389E2A0A-403D-4DDC-B2FA-269D26999395}" = Universe at War Earth Assault (DEMO)
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4B41AE13-BA0E-4328-8E83-AD2A0BEB33EB}" = Sky Player
"{5B38B88D-1A17-42A1-A8CB-E784C0E7D242}" = BT Voyager 1055
"{5BBD0D3F-E4B2-4EE4-806A-07A95D4E2683}" = Sky Broadband Browser Branding
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo
"{BB0EB7D5-D1C7-41D1-B974-32F6596A7164}" = Mathematica Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C1F97FD4-1BD9-45BE-A580-0174BBA8B7F5}" = Command & Conquer™ Red Alert™ 3 Beta
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CA1AB30E-8B9F-4739-A0F7-5BC1226D2BA3}" = Starship Troopers
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kane's Wrath
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{E583ED6F-BD99-4066-A420-C815BF692B69}" = Macromedia Fireworks MX 2004
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = World in Conflict
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Any FLV Player" = Any FLV Player 1.1.3
"Ask Toolbar_is1" = Vuze Toolbar
"blinkx beat" = blinkx beat
"Browser Defender_is1" = Browser Defender 3.0
"CinemaForge" = CinemaForge
"CloneDVD2" = CloneDVD2
"Defcon_is1" = Defcon v1.43
"doubleTwist" = doubleTwist
"Download Manager" = Download Manager 2.3.6
"EADM" = EA Download Manager
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Galactic Civilizations II" = Galactic Civilizations II
"GanttProject" = GanttProject
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Hamachi" = Hamachi 1.0.3.0
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HotspotShield" = Hotspot Shield 1.12
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{389E2A0A-403D-4DDC-B2FA-269D26999395}" = Universe at War Earth Assault (DEMO)
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo
"InstallShield_{BB0EB7D5-D1C7-41D1-B974-32F6596A7164}" = Mathematica Player
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"KeepV Flash Converter_is1" = KeepV Flash Converter
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 4.0.1 (x86 en-GB)" = Mozilla Firefox 4.0.1 (x86 en-GB)
"PFPortChecker" = PFPortChecker 1.0.30
"PokerStars" = PokerStars
"Rapport_msi" = Rapport
"Red Alert 2" = Command & Conquer Red Alert 2
"Registry Mechanic_is1" = Registry Mechanic 10.0
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"Spyware Doctor" = Spyware Doctor
"StarCraft II" = StarCraft II
"StuffPlug3" = StuffPlug 3
"SystemRequirementsLab" = System Requirements Lab
"TuneUpMedia" = TuneUp Companion 1.5.9
"Tunngle beta_is1" = Tunngle beta
"WinLiveSuite_Wave3" = Windows Live Essentials
"WOLAPI" = Westwood Shared Internet Components
"WonderWebWare Screen Ruler_is1" = WonderWebWare Screen Ruler 4.0
"Yuri's Revenge" = Command && Conquer Red Alert 2 - Yuri's Revenge

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete
"3038469762.skyplayer.sky.com" = Sky Player Desktop
"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/06/2011 15:36:27 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

[ Media Center Events ]
Error - 16/04/2008 07:59:16 | Computer Name = Luke-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 17/04/2008 14:30:20 | Computer Name = Luke-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 25/05/2008 15:37:59 | Computer Name = Luke-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 21/06/2008 14:57:05 | Computer Name = Luke-PC | Source = Mcx2Dvcs | ID = 401
Description =

Error - 26/06/2008 17:41:42 | Computer Name = Luke-PC | Source = McrMgr | ID = 109
Description =

[ OSession Events ]
Error - 21/04/2008 18:43:59 | Computer Name = Luke-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 11336728
seconds with 4140 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 13/06/2011 19:06:47 | Computer Name = Luke-PC | Source = bowser | ID = 8003
Description =

Error - 14/06/2011 07:33:44 | Computer Name = Luke-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\klmc.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 14/06/2011 07:33:44 | Computer Name = Luke-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\klif.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 14/06/2011 07:33:53 | Computer Name = Luke-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 00:52:55 on 14/06/2011 was unexpected.

Error - 14/06/2011 07:33:55 | Computer Name = Luke-PC | Source = HTTP | ID = 15016
Description =

Error - 14/06/2011 07:34:21 | Computer Name = Luke-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 14/06/2011 07:34:21 | Computer Name = Luke-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 14/06/2011 07:34:37 | Computer Name = Luke-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 14/06/2011 07:36:49 | Computer Name = Luke-PC | Source = ipnathlp | ID = 31004
Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
may indicate that the system is low on virtual memory, or that the memory manager
has encountered an internal error.

Error - 14/06/2011 07:41:57 | Computer Name = Luke-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =


< End of report >


Thanks again, Luke.
 
The extras.txt file.

OTL Extras logfile created on: 14/06/2011 12:41:02 - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Gill\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 32.92% Memory free
6.20 Gb Paging File | 3.91 Gb Available in Paging File | 63.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 43.64 Gb Free Space | 18.74% Space Free | Partition Type: NTFS
Drive E: | 623.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LUKE-PC | User Name: Gill | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l ()
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 90 44 84 54 3F C8 C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04454B1B-CEB0-40B1-9EE8-1AD116A120EF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{05748618-F2B2-41C9-A392-1BDDF330CA6E}" = lport=3702 | protocol=17 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{12D4D372-8BEC-4660-98A7-D25F08E61A5B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2195F25B-4395-4BE1-AE34-9F97CC2CC487}" = rport=10244 | protocol=6 | dir=out | app=system |
"{259CEDDB-9102-461C-A974-7A07648CFD1B}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{293BC4DF-9451-4214-AAC6-61FFA8440FD8}" = rport=3702 | protocol=17 | dir=out | svc=bits | app=c:\windows\system32\svchost.exe |
"{2F21B8B2-09A0-4084-A16C-1F6D6985E7A0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2FD989A7-25BF-4F23-A734-EE167BF75F23}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{30504BA7-11A1-4906-85DE-8257D7E8A2CC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{321413CF-056B-4A0E-B779-F62905051F8D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D29000A-B3D0-42C4-A0B0-0E0A117990E5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{42D45D0B-808C-427E-923E-AD7314601DF4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{44648BE1-1992-42E1-8345-68E1263269D2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{466182AA-A6CE-4165-9D2B-8BF54459CC1D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4822EA0A-5098-4054-A56E-2441FF3D4843}" = rport=2178 | protocol=6 | dir=out | app=system |
"{48AB99F2-05DF-4F50-BAA5-3218E604C34D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{49884EB7-BC94-4296-ACA1-75C43572D93E}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4D2382CD-7F25-4050-A4E5-34FC1D1B6735}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4EA1FD8C-0158-4473-81BE-402D4B53931C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{52AC8FD8-22C1-438C-8D21-598AEE90C5F9}" = lport=rpc | protocol=6 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{532F19C5-59C8-4BF4-80E1-ECB2B0021227}" = rport=2869 | protocol=6 | dir=out | app=system |
"{5C5872DF-1FB9-4BA7-BC51-239DE3824DE2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6503E575-0F1E-4320-9BAC-22EB3AA0D88F}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{78162531-67EC-4E24-95B1-D8848CF2D059}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B56CAB2-16C8-4DB9-9DF9-3DECF00F6446}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{7BD1431B-49A2-473C-905C-89A950A8AE57}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{86ABD41A-851F-4858-9234-2D0EB8D22F9C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8A7A8FC1-074A-4A7E-8F6C-16B2DF43A200}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B5002F0-257E-4880-944C-957EA583F2C8}" = rport=10244 | protocol=6 | dir=out | app=system |
"{8D4018E7-F85F-4DFA-B638-E461764789D2}" = lport=2178 | protocol=6 | dir=in | app=system |
"{922CC534-482D-432C-83F3-1F15B81FA8DE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9AFA6AB0-5EF9-414C-9F7C-8AFEC5DA1129}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{9C2DD3D8-26A4-4516-8B32-D09A54EDE3F0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9EB94EED-C62E-42EA-A272-BD7EEF6413B6}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{A186686A-8659-45A4-A42A-6C71E9768685}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A23C5AC4-5DAE-48F4-93CC-D98CE92495B2}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{A444F0C9-AE74-4736-87E7-D8CC9EE2CABA}" = lport=10244 | protocol=6 | dir=in | app=system |
"{AC05D5AB-F080-4DFF-AFD5-726CBC2AC7F2}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
"{B6263804-1AA3-444E-AD0A-07F6AC9EE6C2}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B693F5B4-E0CD-43B5-A0C4-89EAE234B9D8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B9DA3941-5B25-472D-A5EB-3FA50F70D9B6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C735A5DE-9D30-47F3-A871-BA6D8ADEF495}" = lport=3390 | protocol=6 | dir=in | app=system |
"{CBEFE5DA-EDDE-4CD3-B65E-B78EFF915931}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{CC5C7EB0-5D8B-4DF8-BC25-87F2B9948ED1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D3B594B4-842A-48B7-9F65-1BE4B7B5F5D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D6E5424D-DBBD-47C4-AE45-8F84CF12A466}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D7C79722-C539-4F3D-85D0-6D912F7D72C1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC45D307-0E3E-4EED-BE36-01935B89ED7B}" = lport=10244 | protocol=6 | dir=in | app=system |
"{F0F9FF11-00A4-4169-949D-E24F71CC58F4}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{F16159A3-BBA0-4A43-8663-97562524F0A2}" = lport=3390 | protocol=6 | dir=in | app=system |
"{F735C835-3CFD-494B-B5CB-9120FEC4D888}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FBB76F75-E4CE-46F6-9255-9DD0038D6B77}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FCB92B01-D1EF-4FBF-9372-468BB4D6B882}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CBB940-F989-48F6-8C1E-A191EABDD8CB}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander - forged alliance\bin\forgedalliance.exe |
"{021A4F6F-0038-4340-98FE-3653A5068023}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{02367ABD-2C9A-402C-BC67-96850EB944BB}" = dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"{02E55F7F-49BD-47E8-B2DF-3B0C4B31051B}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic_ds.exe |
"{09575E6E-82A6-4A0A-A518-1DF873C6943D}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic_ds.exe |
"{0AB9DDB0-CB0E-4D68-9D4C-E535857E495D}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{0C98B1C7-582F-4B18-8A01-04905B097DB7}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{0CBF385A-D6BF-4223-81C2-74C2AD00545E}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic.exe |
"{0DEDB192-BFE4-4B4B-A5B3-92407BA7407F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{0E2F7BCF-3C2B-49FF-9AC1-D262359CC83D}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{13B853B6-22D5-45FA-B833-29EB914439B2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1605CDC1-AED0-47BE-97E6-59B8E66F2E4B}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{17041CF5-69EA-44A4-9361-55944F6C4302}" = protocol=6 | dir=in | app=c:\users\gill\appdata\roaming\dropbox\bin\dropbox.exe |
"{17183E7B-A1B2-4A6A-B137-7E3D084C26C4}" = protocol=17 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe |
"{1B56699A-E44F-4E37-87B1-E490C7FC82CA}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{1C97B409-87D1-4A16-AB80-B6F1412BC7F3}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{22C330ED-2DCB-4AF2-BA44-8EE457C56B91}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2A400E37-CB3A-4A67-A4CB-C5C359B95609}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2A62E57B-3044-410B-B861-8D4BDF5FF0B9}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{2C9EC4CC-7C2E-4224-9309-519EBE460CF9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{37924BED-A411-46E7-B27B-31A18D57FBCF}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3BBCD54E-8031-47B5-8462-3AE17A9461AD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3D87CBD6-C735-4A04-8727-C7707EBD0448}" = dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3 kane's wrath\retailexe\1.1\cnc3ep1.dat |
"{41FD1CCF-E44D-49C1-9748-F73704191D11}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{466A5363-7D6F-4482-9F1B-5F2B8E6C8335}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4A0CCD6F-6975-4C4A-BC5F-B49AB7E0753F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4A796959-0ABA-49A2-A59C-1E051DC593DC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4E18708B-476B-4B87-8738-E20D53D3FC6A}" = protocol=17 | dir=in | app=c:\users\gill\appdata\roaming\dropbox\bin\dropbox.exe |
"{56E3D0A3-60FC-4CB3-A67E-A68F597CB3CB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5935A222-2389-46BD-AFAC-70EC1A7FF906}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{5A21D8F7-93C0-47D9-A023-3136477E0D6D}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{5E6F57F0-B445-4305-A225-3FC7531E60C3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6522F94F-8622-49B5-869A-5CBA57B17084}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6A0B1A39-9E12-4CBA-A057-9E91F6534D2C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6AFCD639-CDCE-4DF3-B590-B561618CA1A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C1DDB6C-C780-4B5D-92F7-D98D3898E08D}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic.exe |
"{6C56F9DB-E8FB-4750-A674-96DCDECEA72D}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{71BFABA4-FD76-4C82-91B3-A430DA49F3D8}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{744E3F08-3DD6-4531-B48F-CAB7805A410E}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{753F21DA-F1D1-40C1-95EC-133222216855}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{766C9972-5B3B-4685-ACC0-4C586904DF52}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{775B6153-0213-402C-A064-12861702B545}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{77C5FBD1-8CAC-483C-9EB7-4B169BFFD080}" = protocol=17 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe |
"{785F7087-EC59-47FB-828C-3FCAFD1F169E}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{79DAB1B7-5092-4934-84B9-641EF94439F9}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic_online.exe |
"{80E64483-E5F0-4752-99DC-9BFF4ECEECBD}" = protocol=6 | dir=in | app=c:\program files (x86)\kontiki\kservice.exe |
"{86264DC4-1094-49A5-9CCB-EFCBBA197D38}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{86F8B203-B56A-4A76-9A52-9C1AC8A57AFE}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{8D5F1F83-EA38-447A-A393-B59DEC5EE232}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8DFE1B53-5D83-463F-A846-2898622BDD51}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{8EB17E3B-4A5B-4A31-B530-5D37434E6DC3}" = protocol=17 | dir=in | app=c:\program files (x86)\kontiki\kservice.exe |
"{91DA049F-53FB-436F-98BC-4D6B1154F74D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9CB6AE10-3562-4689-87C3-A9E5FB0E29F1}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{9E6090BB-85C5-49E9-A531-6F9D9FF24F33}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A618413A-2E9C-483F-BD35-3EBC93334CD7}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{ABDECB86-9828-4EE7-9B7B-8949FD735383}" = protocol=6 | dir=out | app=system |
"{AD1D22D4-E344-4693-99BB-BA7C24663BC9}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{B1502BDB-F5B6-4C09-828E-BA0B505A49D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B3FA5519-501E-4877-9626-C80EC7E64C47}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{B6668E2D-598E-475A-87AE-4450447DDE94}" = protocol=17 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe |
"{B7794E01-DC57-476E-91E3-4DB35B1B908E}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B7BAC4D1-61F4-4C17-83D1-5948DEADC7D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BC1E252B-C23D-4692-BD71-00B75C6C7C2C}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{C3D6BFD6-85D9-413B-857C-C65D8F913F69}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{C8A7A273-B6D4-4142-96C2-F00B0FDFD44E}" = protocol=6 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe |
"{CFE4B0D4-BFB4-45F6-B515-80B756BC21F9}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{D1304231-91DE-4855-8BC8-E572A28DD1B7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D4C51E4D-168E-4BFF-8484-6889508CCCF1}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{D9AA7ED4-DCC6-4AD8-9B7B-46F235C56049}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB0672F4-77F1-4957-A3E5-A0E42B6987FF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DBCFBAD7-F3AC-43A5-8830-6D980FBB9B3C}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{DD4A01B8-60D6-43EF-B3BD-0556BC716B12}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander - forged alliance\bin\forgedalliance.exe |
"{DF221444-F9F9-4B63-87E4-BD9B3222F587}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{E158BE96-489F-41A0-A33C-6CDEF9EF97BA}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{E16895FE-1CF7-481D-85F5-B15A579BB0B7}" = protocol=6 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe |
"{E80B2C95-C017-4C42-9223-26969FDD7B75}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{EA082D3C-1E97-40F0-B804-4F3EC827481D}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra entertainment\world in conflict\wic_online.exe |
"{EA663305-1723-4FE0-8A58-C6EE136500C5}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{F5122D6B-A96E-4CD1-91AC-4E3810C73994}" = protocol=6 | dir=in | app=c:\users\gill\appdata\roaming\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe |
"{FB8C00EB-6CDF-4501-B148-3F69C8F999CA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FCCA756F-86AA-4CE4-8B8D-2CAED30A90D6}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{FD4B5303-1E1F-4BBE-8507-BCE444A3631E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"TCP Query User{00DF9888-CC65-4143-ADC2-3A65E77F5B1D}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{09156CEA-8B17-4251-A1F7-BAC7CE4F4052}C:\program files (x86)\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"TCP Query User{0A801C87-8AE9-4769-B20E-904CA9AF2F24}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game |
"TCP Query User{0F1B10C8-E5AB-47AD-B9A9-2BB68C0409CA}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game |
"TCP Query User{137659F1-2767-4516-988F-947FFE69078F}C:\program files (x86)\defcon\defcon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\defcon\defcon.exe |
"TCP Query User{1BEF415A-7143-4BA5-B0D4-D98350028E95}C:\program files (x86)\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"TCP Query User{2034BD15-0664-499A-9575-6765100CE7CE}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.0.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.0.game |
"TCP Query User{271CCF05-4733-41B7-BDC0-F5AA57A9312B}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"TCP Query User{31CD180E-887F-4964-ADBF-55AA347B779A}C:\program files (x86)\ea games\red alert 3 beta\retailexe\1.2\ra3game.dat" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\red alert 3 beta\retailexe\1.2\ra3game.dat |
"TCP Query User{39D921BD-DCEA-4115-990A-5A2A71126B73}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{4D7574CC-5056-4A7B-AFA2-2E64F41745F8}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{5D98EF6A-ED40-47D2-B9FF-25285E50D7CF}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game |
"TCP Query User{64CBB57B-9E15-468C-847C-45AF2104C480}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{714CE16B-B105-4AB5-93A7-40ADBA499DE9}C:\westwood\ra2\gamemd.exe" = protocol=6 | dir=in | app=c:\westwood\ra2\gamemd.exe |
"TCP Query User{770535FC-E973-4958-BDCA-A9D468E62237}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{83689605-B9D2-4648-B010-DAA834B054F5}C:\program files (x86)\sega\universe at war earth assault (demo)\uawea.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sega\universe at war earth assault (demo)\uawea.exe |
"TCP Query User{87BE12F1-E1DA-45D8-B9DB-6D3A87A939E1}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{89ED09A5-3314-4736-BA17-F61502985CCA}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{9A8FAF4B-671E-47E0-B56C-4D892CD09A45}C:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"TCP Query User{AD310B80-9388-4403-930F-0C0DE57BE2F1}C:\program files (x86)\blinkx\blinkx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |
"TCP Query User{B1D545B6-DD48-4E91-81B3-79051BAB1AD2}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{BB09174A-382C-42CA-9457-3AC942C8F81B}C:\program files (x86)\defcon\defcon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\defcon\defcon.exe |
"TCP Query User{C3855681-160F-454C-8083-203C9B1171E4}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"TCP Query User{C66C26EC-AC48-4373-B2C1-A41E22B5A7A7}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{CB077D4E-24BC-4E70-A4B0-F2A20BF731AA}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{D25583EC-C0D8-445C-82ED-7B2251E62524}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{D7FB63D1-60A8-4C8B-99F8-DF79590D2540}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game |
"TCP Query User{DACBB89B-B888-4FD6-90A4-53706910BD59}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{DE5AC0FA-D4AA-4DCF-A1EA-BCE06F746CA9}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{E094EA4C-0713-4A39-BBBF-E047C570F7E0}C:\program files (x86)\blinkx\blinkx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |
"TCP Query User{E3EAD1F2-D4B0-4440-A041-F589DC95D6B7}C:\westwood\ra2\gamemd.exe" = protocol=6 | dir=in | app=c:\westwood\ra2\gamemd.exe |
"UDP Query User{0D420FB6-B3A1-4E20-9BB3-EC28AC9AF817}C:\program files (x86)\ea games\red alert 3 beta\retailexe\1.2\ra3game.dat" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\red alert 3 beta\retailexe\1.2\ra3game.dat |
"UDP Query User{0FFD8987-389B-4663-B1E6-86139EDA9BD2}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"UDP Query User{103539B8-B0DD-45EC-9884-4298A83A9844}C:\program files (x86)\sega\universe at war earth assault (demo)\uawea.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sega\universe at war earth assault (demo)\uawea.exe |
"UDP Query User{293781E0-8590-4EB0-B658-D356A39208CD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{2C854E25-143E-438C-BA94-FCE2C6D6F52D}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{2F2C2AF5-D97E-4E5E-AE2B-4EACE25FF916}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{3612A75C-A7C3-4C0E-98D7-F15705539279}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{3BB4E487-89B2-4922-9D92-3B86BE02D79E}C:\program files (x86)\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"UDP Query User{3E424C5E-3948-44C1-8D8F-C350A140B4A1}C:\program files (x86)\blinkx\blinkx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |
"UDP Query User{49DE1576-DE2D-4C12-A5C6-F789258D06CA}C:\program files (x86)\defcon\defcon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\defcon\defcon.exe |
"UDP Query User{595AF5C6-3188-41F0-B5CC-E810B8C392ED}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game |
"UDP Query User{63F52BB8-1160-49C1-8498-8673A9E4905E}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game |
"UDP Query User{67BDF871-2EAD-4E80-9778-31F50437AC38}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{681485CD-3B49-48EE-A1FB-03EC53C5B447}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.10.game |
"UDP Query User{73ADB552-896D-4D66-B81A-014EA1430DB9}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{7AB100E3-3856-43C3-ADB2-46084E91B84E}C:\westwood\ra2\gamemd.exe" = protocol=17 | dir=in | app=c:\westwood\ra2\gamemd.exe |
"UDP Query User{7B7E3C0C-69AE-45AB-8BF6-FE9CA5B55327}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{7BE9CBCD-F1E7-4523-9E07-2F24D774FAD1}C:\program files (x86)\blinkx\blinkx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |
"UDP Query User{7CBB746C-CD23-4950-A03C-EE72317D4981}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.9.game |
"UDP Query User{7F0088BB-454F-4E1D-9A49-139FED697626}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{86CD479A-7B58-4F6D-8DA4-8E0B66C033A5}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{8E681437-DAD8-4951-A032-F58CBE326628}C:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.9\cnc3game.dat |
"UDP Query User{972DCCCE-8028-4898-A5AB-E20D54E4D356}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{975A4BD1-B937-4452-B744-0E2E41CACF94}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{9AB1262C-9663-4366-805A-A899B3EF22C4}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{9D609BA7-CEDE-4D83-9776-7045CFF8DB77}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{BCD084DF-4405-44E7-A890-353976069CF6}C:\program files (x86)\defcon\defcon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\defcon\defcon.exe |
"UDP Query User{E2E8A752-6511-47CC-B555-B36039E46860}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.0.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.0.game |
"UDP Query User{E55DF367-56B9-4898-BF74-AECAB77C32BB}C:\program files (x86)\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hamachi\hamachi.exe |
"UDP Query User{F02F62D1-4B97-4283-8B72-CAA4210F802F}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{FC69E38D-F97C-4BDD-A111-9E42158C6068}C:\westwood\ra2\gamemd.exe" = protocol=17 | dir=in | app=c:\westwood\ra2\gamemd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{4174CFCC-49C1-478B-9D83-3F7BE61CBBDF}" = 64-bit MathLink Libraries (6.0.2.1009485)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B6EFD9A5-2ECE-4C22-BAEC-D16E73EA2013}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"{14C35072-D7D0-4B29-B5BF-C94E426D77E9}" = Sky Broadband
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31D95937-B237-405D-920C-A3EF4E482395}" = Supreme Commander - Forged Alliance
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{389E2A0A-403D-4DDC-B2FA-269D26999395}" = Universe at War Earth Assault (DEMO)
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4B41AE13-BA0E-4328-8E83-AD2A0BEB33EB}" = Sky Player
"{5B38B88D-1A17-42A1-A8CB-E784C0E7D242}" = BT Voyager 1055
"{5BBD0D3F-E4B2-4EE4-806A-07A95D4E2683}" = Sky Broadband Browser Branding
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo
"{BB0EB7D5-D1C7-41D1-B974-32F6596A7164}" = Mathematica Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C1F97FD4-1BD9-45BE-A580-0174BBA8B7F5}" = Command & Conquer™ Red Alert™ 3 Beta
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CA1AB30E-8B9F-4739-A0F7-5BC1226D2BA3}" = Starship Troopers
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kane's Wrath
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{E583ED6F-BD99-4066-A420-C815BF692B69}" = Macromedia Fireworks MX 2004
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = World in Conflict
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Any FLV Player" = Any FLV Player 1.1.3
"Ask Toolbar_is1" = Vuze Toolbar
"blinkx beat" = blinkx beat
"Browser Defender_is1" = Browser Defender 3.0
"CinemaForge" = CinemaForge
"CloneDVD2" = CloneDVD2
"Defcon_is1" = Defcon v1.43
"doubleTwist" = doubleTwist
"Download Manager" = Download Manager 2.3.6
"EADM" = EA Download Manager
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"Galactic Civilizations II" = Galactic Civilizations II
"GanttProject" = GanttProject
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Hamachi" = Hamachi 1.0.3.0
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HotspotShield" = Hotspot Shield 1.12
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals
"InstallShield_{389E2A0A-403D-4DDC-B2FA-269D26999395}" = Universe at War Earth Assault (DEMO)
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo
"InstallShield_{BB0EB7D5-D1C7-41D1-B974-32F6596A7164}" = Mathematica Player
"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and ConquerTM Generals Zero Hour
"KeepV Flash Converter_is1" = KeepV Flash Converter
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 4.0.1 (x86 en-GB)" = Mozilla Firefox 4.0.1 (x86 en-GB)
"PFPortChecker" = PFPortChecker 1.0.30
"PokerStars" = PokerStars
"Rapport_msi" = Rapport
"Red Alert 2" = Command & Conquer Red Alert 2
"Registry Mechanic_is1" = Registry Mechanic 10.0
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"Spyware Doctor" = Spyware Doctor
"StarCraft II" = StarCraft II
"StuffPlug3" = StuffPlug 3
"SystemRequirementsLab" = System Requirements Lab
"TuneUpMedia" = TuneUp Companion 1.5.9
"Tunngle beta_is1" = Tunngle beta
"WinLiveSuite_Wave3" = Windows Live Essentials
"WOLAPI" = Westwood Shared Internet Components
"WonderWebWare Screen Ruler_is1" = WonderWebWare Screen Ruler 4.0
"Yuri's Revenge" = Command && Conquer Red Alert 2 - Yuri's Revenge

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete
"3038469762.skyplayer.sky.com" = Sky Player Desktop
"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/06/2011 15:36:27 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

Error - 12/06/2011 15:36:56 | Computer Name = Luke-PC | Source = TnglCtrl.exe | ID = 0
Description =

[ Media Center Events ]
Error - 16/04/2008 07:59:16 | Computer Name = Luke-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 17/04/2008 14:30:20 | Computer Name = Luke-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 25/05/2008 15:37:59 | Computer Name = Luke-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 21/06/2008 14:57:05 | Computer Name = Luke-PC | Source = Mcx2Dvcs | ID = 401
Description =

Error - 26/06/2008 17:41:42 | Computer Name = Luke-PC | Source = McrMgr | ID = 109
Description =

[ OSession Events ]
Error - 21/04/2008 18:43:59 | Computer Name = Luke-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 11336728
seconds with 4140 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 13/06/2011 19:06:47 | Computer Name = Luke-PC | Source = bowser | ID = 8003
Description =

Error - 14/06/2011 07:33:44 | Computer Name = Luke-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\klmc.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 14/06/2011 07:33:44 | Computer Name = Luke-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\drivers\klif.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 14/06/2011 07:33:53 | Computer Name = Luke-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 00:52:55 on 14/06/2011 was unexpected.

Error - 14/06/2011 07:33:55 | Computer Name = Luke-PC | Source = HTTP | ID = 15016
Description =

Error - 14/06/2011 07:34:21 | Computer Name = Luke-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 14/06/2011 07:34:21 | Computer Name = Luke-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 14/06/2011 07:34:37 | Computer Name = Luke-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 14/06/2011 07:36:49 | Computer Name = Luke-PC | Source = ipnathlp | ID = 31004
Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
may indicate that the system is low on virtual memory, or that the memory manager
has encountered an internal error.

Error - 14/06/2011 07:41:57 | Computer Name = Luke-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =


< End of report >


Thanks again, Luke.
 
Hi ljordan

Thanks for the OTL reports, they do suggest a little work.

P2P Warning
Please note that as long as you're using any form of Peer-to-Peer networking ( Frostwire, Vuze, Bit Torrent etc.) and downloading files from non-documented sources, you can expect infestations of malware to occur.
Once upon a time, P2P file sharing was fairly safe. That is no longer true.
P2P programmes form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P programme is not configured correctly you may be sharing more files than you realise. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured programme.

Many of the programmes come bundled with other unwanted programmes, but even the ones free of any bundled software are not safe to use.
When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.

You may decide to continue P2P sharing, but keep in mind that this practice may be the source of future malware infestation.
If we clean your computer of infection, and you return to us a short time later with an infection contracted by the use of P2P programmes, we may refuse to help you.


I see there is still traces of Kaspersky security on the system.
The error reports also show problems with this, we'll remove the leftover items along with a few other registry entries.

Step 1
Recommendation.

As you have Pc Tools security, Rapport and Windows Defender.... Spybot Search & Destroy is not needed. ( it may even conflict)
Most 'Helpers' don't even recommend it any more.
I suggest you uninstall it.

You have the Ask toolbar installed: (installed under the name of Vuze Toolbar)
Please read this and decide if you want to uninstall it.
http://www.benedelman.org/spyware/ask-toolbars/

Step 2
Double click on OTL to run it.
Copy the lines in the codebox below. (make sure that :Otl is on the first line )
Code: 
:otl
DRV - (Klmc) -- C:\Windows\SysWOW64\drivers\klmc.sys (Kaspersky Lab)
DRV - (Klif) -- C:\Windows\SysWOW64\drivers\klif.sys (Kaspersky Labs)
DRV - (Klin) -- C:\Windows\System32\drivers\klin.sys (Kaspersky Labs)
DRV - (Klick) -- C:\Windows\System32\drivers\klick.sys (Kaspersky Labs)
[2011/05/04 13:50:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- 
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - File not found
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemrequirementslab.com/sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/Driver...aSmartScan.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary...r.cab56986.cab (Reg Error: Key error.)
O33 - MountPoints2\{549fe2b5-9230-11e0-a913-0011f57695d8}\Shell - "" = AutoRun
O33 - MountPoints2\{549fe2b5-9230-11e0-a913-0011f57695d8}\Shell\AutoRun\command - "" = E:\autorun.exe -- [1999/02/03 03:02:00 | 000,167,936 | R--- | M] (Indigo Rose Corporation)
[2011/06/07 11:36:45 | 000,000,000 | ---- | C] () -- C:\Users\Gill\AppData\Local\{8D906D26-82F1-4618-960A-0B6BBCD6D0D6}
[2011/06/03 23:09:34 | 000,000,000 | ---- | C] () -- C:\Users\Gill\AppData\Local\{854C6583-12DC-4602-92A6-A88B259211DB}
@Alternate Data Stream - 195 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:D1B5B4F1

:Files
ipconfig /flushdns /c

:commands
[emptytemp]
[purity]
[RESETHOSTS]
[EMPTYFLASH]
  • Return to OTL,
  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.

    scan-fix.png

  • Click the red Run Fix button.

    runfixbutton.png

  • OTL will reboot your system once the fix has completed.
  • After the reboot, you may need to double click OTL to launch the program and retrieve the log.

Copy and paste the contents of the OTL log that comes up after the fix in your next reply.

if you lose the report, there will be a copy here:
C:\_OTL\MovedFiles


Step 3
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 26 and save it to your desktop.
  • Scroll down to where it says "Java SE 6 Update 26".
  • Click the "Download JRE" button to the right.
  • Accept the license agreement.
  • select 'Windows x64'offline (for a 64 bit system) from the list.
  • Save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
    .
    Java(TM) 6 Update 14
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7
    .
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u26-windows-i586-p.exe to install the newest version.


In your next reply, please submit:
Otl fix report
and let me know if there's been any improvement in the system.


Thanks.
 
My computer has taken a turn for the worse. Since my last post Ive been attempting to fix Windows installer by installing the 4.5 update, I don't know what I've done but now I'm unable to boot my computer at all. Doing so results in it loading a black screen in which I can only use the cursor and nothing else. Computer won't boot in safe mode and I'm unable to choose a last known config option. Sadly I won't be able to access the Vista disk until next week so I'm at a loss as what to do. I'm thus unable to attempt any of the suggestions above due to this problem.
 
Oh I also typed some things into the run box on the recommendation of others. Not sure of everything I typed, but definitely MSIExec.exe and some other things like it. Quite a frustrating experience so far. Any help you can lend is appreciated.
 

Similar threads

Jammie Dodger
Logon screen stuck on corrupt profile
Replies
0
Views
241
Jammie Dodger
Jammie Dodger
S
Epson prints keep getting stuck in queue
Replies
15
Views
1K
seahermit
S
V
Potential Ghosting - Image Persistance (temporary only)
Replies
2
Views
376
PCProb
P
J
White screen of death
Replies
5
Views
611
KenB
KenB
madon37s
Mouse cursor icon problems
Replies
3
Views
1K
Starbuck
Starbuck
Back
Top