Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adaware and other cleanupp software would not run ...


  • Please log in to reply
3 replies to this topic

#1 JohanPotgieter

JohanPotgieter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 12 November 2009 - 01:28 AM

Please help - this is the very first time I have used a forum like this and I feel very lost. I read on the forum that I should use OTL, which I did, and then I had to register here on the forum and now I do not know where the rest about the OTL logs are to be found....

If I have to post in a different spot, please let me know.

Like with many others, Firefox failed, then IE (I'm running Chrome here) and then Ad-aware would not run (just stops after a few minutes).

So here are the OTL logs: First OTL.txt:

OTL logfile created on: 11/12/2009 12:08:04 AM - Run 1
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Users\Johan\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.70 Gb Available Physical Memory | 84.94% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 283.40 Gb Total Space | 103.88 Gb Free Space | 36.65% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 9.54 Gb Free Space | 65.11% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 465.64 Gb Total Space | 442.97 Gb Free Space | 95.13% Space Free | Partition Type: FAT32

Computer Name: JOHAN-PC
Current User Name: Johan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/12 00:07:11 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\Johan\Downloads\OTL.exe
PRC - [2009/11/10 00:11:34 | 00,172,032 | ---- | M] () -- C:\Windows\msa.exe
PRC - [2009/11/10 00:11:31 | 00,160,768 | ---- | M] () -- C:\Users\Johan\AppData\Local\Temp\b.exe
PRC - [2009/11/01 23:33:24 | 00,525,296 | ---- | M] (Google Inc.) -- C:\Users\Johan\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/11/01 23:33:24 | 00,525,296 | ---- | M] (Google Inc.) -- C:\Users\Johan\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/11/01 23:33:24 | 00,525,296 | ---- | M] (Google Inc.) -- C:\Users\Johan\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/11/01 23:33:24 | 00,525,296 | ---- | M] (Google Inc.) -- C:\Users\Johan\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/11/01 23:33:24 | 00,525,296 | ---- | M] (Google Inc.) -- C:\Users\Johan\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/11/01 07:05:38 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Users\Johan\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/10/28 19:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/10/28 19:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/09/04 22:29:54 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/09/04 12:16:54 | 00,158,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2009/07/31 14:23:21 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/14 11:45:07 | 00,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2009/07/07 09:23:00 | 01,779,952 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/06/03 13:46:38 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/06 03:11:20 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2009/04/30 15:01:10 | 00,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/04/11 00:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009/04/11 00:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 00:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/07 11:51:50 | 00,024,576 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/01/05 16:19:10 | 00,824,560 | ---- | M] (Dell Inc.) -- c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
PRC - [2009/01/05 16:19:08 | 00,173,296 | ---- | M] (SingleClick Systems) -- C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/10/04 12:58:04 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/09/23 21:09:52 | 00,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/06/13 05:34:08 | 00,675,840 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2008/06/13 05:34:08 | 00,675,840 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2008/01/20 20:35:20 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008/01/20 20:35:20 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/01/20 20:33:00 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/20 20:32:59 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2007/09/21 12:26:34 | 00,015,872 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Common Files\Dell\apache\bin\httpd.exe
PRC - [2007/09/21 12:26:34 | 00,015,872 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Common Files\Dell\apache\bin\httpd.exe
PRC - [2007/09/14 12:35:04 | 05,730,304 | ---- | M] () -- C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe
PRC - [2007/07/17 10:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2007/07/17 10:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2007/05/11 07:26:44 | 04,452,352 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/11/03 16:07:04 | 00,537,480 | ---- | M] ( ) -- C:\Windows\System32\dlcxcoms.exe


========== Modules (SafeList) ==========

MOD - [2009/11/12 00:07:11 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Users\Johan\Downloads\OTL.exe
MOD - [2009/04/11 00:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/10 21:34:35 | 00,320,760 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/10/28 19:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/24 05:17:32 | 01,169,232 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/09/04 12:17:00 | 00,447,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2009/09/04 12:16:54 | 05,893,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/05/06 03:11:20 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2009/04/30 15:01:10 | 00,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/04/07 22:25:18 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-092308-165331)
SRV - [2009/03/29 22:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/29 22:42:10 | 00,031,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2009/03/23 21:04:07 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/03/07 11:51:50 | 00,024,576 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/02/18 12:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/02/18 12:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/02/18 12:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009/01/05 16:19:10 | 00,824,560 | ---- | M] (Dell Inc.) -- c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2009/01/05 16:19:08 | 00,173,296 | ---- | M] (SingleClick Systems) -- C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe -- (dsl-fs-sync)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/20 13:18:52 | 00,136,120 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/04 12:58:04 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2008/09/23 21:09:52 | 00,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/08/08 20:10:46 | 00,061,440 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/06/13 05:34:08 | 00,675,840 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2008/03/24 06:35:22 | 00,074,384 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2008/01/20 20:35:20 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008/01/20 20:33:00 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/21 12:26:34 | 00,015,872 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Common Files\Dell\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2007/09/14 12:35:04 | 05,730,304 | ---- | M] () -- C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe -- (dsl-db)
SRV - [2006/11/03 16:07:04 | 00,537,480 | ---- | M] ( ) -- C:\Windows\System32\dlcxcoms.exe -- (dlcx_device)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/04/03 23:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2009/09/23 06:55:23 | 00,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/30 15:00:12 | 00,025,624 | ---- | M] () -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/10 22:42:54 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2009/04/10 22:42:52 | 00,031,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/06/17 10:01:06 | 00,022,016 | ---- | M] (SingleClick Systems) -- C:\Windows\System32\drivers\packet.sys -- (Packet)
DRV - [2008/06/13 05:34:12 | 03,592,704 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/06/13 05:34:12 | 03,592,704 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/01/20 20:32:53 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 20:32:53 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 20:32:52 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 20:32:52 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 20:32:52 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 20:32:52 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 20:32:51 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 20:32:51 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 20:32:50 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 20:32:50 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60)
DRV - [2008/01/20 20:32:50 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 20:32:49 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 20:32:49 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 20:32:49 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 20:32:49 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 20:32:49 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 20:32:48 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 20:32:48 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 20:32:47 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 20:32:47 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 20:32:46 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 20:32:45 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 20:32:21 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 20:32:21 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 20:32:21 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/11/14 02:00:00 | 00,043,840 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2007/05/11 16:31:36 | 03,580,832 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2007/05/11 16:31:22 | 00,041,888 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/05/11 07:26:46 | 01,773,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService)
DRV - [2007/04/29 02:42:24 | 00,228,224 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/04/26 04:41:38 | 00,304,920 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2006/11/02 03:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 03:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 03:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 03:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 03:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 03:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 03:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 03:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 03:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 03:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 03:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 02:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid)
DRV - [2006/11/02 02:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 02:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 02:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 02:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 02:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 01:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2005/12/21 09:14:52 | 00,019,712 | ---- | M] (Pinnacle Systems, Inc.) -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2005/12/21 08:14:52 | 00,100,957 | ---- | M] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 08:14:52 | 00,005,245 | ---- | M] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 08:14:52 | 00,004,493 | ---- | M] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/06/02 17:28:38 | 00,171,008 | ---- | M] (Pinnacle Systems GmbH) -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005/02/09 10:59:00 | 00,014,165 | ---- | M] (Pinnacle Systems GmbH) -- C:\Windows\System32\drivers\Pclepci.sys -- (PCLEPCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\S-1-5-21-2785142996-2003239822-1693863824-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\S-1-5-21-2785142996-2003239822-1693863824-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\S-1-5-21-2785142996-2003239822-1693863824-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\S-1-5-21-2785142996-2003239822-1693863824-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 02:00:41 | 00,000,000 | ---D | M]

[2009/11/11 07:51:50 | 00,000,000 | ---D | M] -- C:\Users\Johan\AppData\Roaming\Mozilla\Extensions
[2009/06/06 10:05:53 | 00,000,000 | ---D | M] -- C:\Users\Johan\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2009/11/11 07:51:50 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/04/18 07:44:02 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/06/15 20:05:19 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/09/02 05:23:06 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/10/21 06:32:45 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/05/01 15:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2009/07/31 14:23:11 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009/05/12 12:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2009/05/18 16:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2006/10/26 19:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009/02/27 11:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/09/04 22:30:05 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009/09/16 11:39:01 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/09/16 11:39:01 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/09/16 11:39:01 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/09/16 11:39:01 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/09/16 11:39:01 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/09/16 11:39:01 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/09/16 11:39:01 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/09/04 22:30:23 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2009/09/04 22:30:00 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009/05/01 15:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DLCXCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [PCLEUSBTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000..\Run: [Google Update] C:\Users\Johan\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000..\Run: [TurboNet] C:\Users\Johan\AppData\Local\Temp\b.exe ()
O4 - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005..\Run: [Google Update] C:\Users\Johan\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Wilhelm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Wilhelm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2785142996-2003239822-1693863824-1000\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-2785142996-2003239822-1693863824-1005\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www.blueprintonline.co.za/public/BP...ing/ScriptX.cab (MeadCo ScriptX)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} http://simcity.ea.com/play/classic/SimCityX.cab (SimCityX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/18 19:59:24 | 00,000,122 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/11/05 13:19:36 | 00,000,052 | RHS- | M] () - K:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009/01/23 15:01:08 | 00,000,000 | ---D | M] - K:\autorun -- [ FAT32 ]
O33 - MountPoints2\{528117f4-40dc-11de-83c9-0024e801d251}\Shell\AutoRun\command - "" = K:\Setup.exe -- [2008/12/03 13:38:50 | 00,319,488 | ---- | M] (Western Digital Corporation)
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\Setup.exe -- [2008/12/03 13:38:50 | 00,319,488 | ---- | M] (Western Digital Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/11 23:52:06 | 00,000,000 | ---D | C] -- C:\Users\Johan\AppData\Roaming\Malwarebytes
[2009/11/11 23:52:03 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/11/11 23:52:02 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/11/11 23:52:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/11 23:52:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/11 23:52:02 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/11 22:56:13 | 00,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2009/11/11 22:55:08 | 00,000,000 | -H-D | C] -- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/11/11 22:55:08 | 00,000,000 | -H-D | C] -- C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2009/11/11 22:54:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/11/11 22:54:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/11/11 22:54:59 | 00,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2009/11/10 23:53:32 | 00,000,000 | ---D | C] -- C:\Program Files\Zappit
[2009/11/10 17:33:05 | 02,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/11/10 17:33:00 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2009/11/10 00:12:43 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2009/11/08 12:47:12 | 00,000,000 | ---D | C] -- C:\Program Files\Duplicate Cleaner
[2009/11/03 20:31:44 | 03,599,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/10/30 23:10:32 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/10/29 22:01:00 | 02,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2009/10/29 22:01:00 | 01,929,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[2009/10/29 22:01:00 | 00,053,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2009/10/29 22:01:00 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2009/10/29 22:00:47 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2009/10/29 22:00:47 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2009/10/29 22:00:47 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2009/10/29 22:00:42 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2009/10/29 22:00:42 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2009/10/29 21:52:27 | 00,000,000 | ---D | C] -- C:\Users\Johan\AppData\Local\Microsoft Games
[2009/10/29 18:29:08 | 02,146,304 | ---- | C] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[2009/10/27 13:57:48 | 10,627,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009/10/27 13:57:47 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2009/10/27 13:57:46 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/10/21 06:32:44 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/10/21 06:32:44 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/10/21 06:32:44 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/10/20 04:51:50 | 00,000,000 | ---D | C] -- C:\DataTandy
[2009/10/16 14:58:43 | 00,000,000 | ---D | C] -- C:\Program Files\Activision
[2009/10/13 12:35:28 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009/10/13 12:35:24 | 01,176,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/10/13 12:35:24 | 00,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/10/13 12:35:23 | 06,079,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/10/13 12:35:21 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009/10/13 12:35:21 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/10/13 12:35:21 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2009/10/13 12:35:14 | 03,600,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/10/13 12:35:14 | 03,548,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/10/13 12:35:08 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
[2009/10/13 12:35:07 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2009/10/13 12:35:05 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2009/07/23 19:48:55 | 08,270,752 | ---- | C] (Dell, Inc. ) -- C:\Users\Johan\AppData\Roaming\DataSafeDotNet.exe
[2006/10/11 17:01:40 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcxpmui.dll
[2006/10/11 16:59:56 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcxserv.dll
[2006/10/11 16:54:10 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomm.dll
[2006/10/11 16:52:34 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcxlmpm.dll
[2006/10/11 16:51:16 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcxiesc.dll
[2006/10/11 16:48:58 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcxpplc.dll
[2006/10/11 16:48:14 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomc.dll
[2006/10/11 16:47:42 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcxprox.dll
[2006/10/11 16:41:42 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcxinpa.dll
[2006/10/11 16:41:04 | 00,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcxusb1.dll
[2006/10/11 16:37:14 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcxhbn3.dll
[27 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[27 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/11/12 00:09:13 | 02,883,584 | -HS- | M] () -- C:\Users\Johan\NTUSER.DAT
[2009/11/11 23:57:31 | 00,000,282 | -H-- | M] () -- C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2009/11/11 23:56:25 | 00,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/11 23:45:59 | 00,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2785142996-2003239822-1693863824-1003UA.job
[2009/11/11 23:12:01 | 00,000,240 | -H-- | M] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2009/11/11 23:10:00 | 00,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2785142996-2003239822-1693863824-1000UA.job
[2009/11/11 23:05:08 | 00,747,142 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/11/11 23:05:08 | 00,633,850 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/11/11 23:05:08 | 00,117,038 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/11/11 22:58:55 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/11 22:58:55 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/11 22:58:54 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/11 22:58:51 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/11 22:58:51 | 00,000,000 | ---- | M] () -- C:\Windows\win32k.sys
[2009/11/11 22:58:50 | 00,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2009/11/11 22:58:41 | 34,856,59136 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/11 22:57:40 | 00,524,288 | -HS- | M] () -- C:\Users\Johan\NTUSER.DAT{1fede381-347f-11de-afb2-0024e801d251}.TMContainer00000000000000000001.regtrans-ms
[2009/11/11 22:57:40 | 00,065,536 | -HS- | M] () -- C:\Users\Johan\NTUSER.DAT{1fede381-347f-11de-afb2-0024e801d251}.TM.blf
[2009/11/11 22:57:38 | 04,089,465 | -H-- | M] () -- C:\Users\Johan\AppData\Local\IconCache.db
[2009/11/11 22:55:05 | 00,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2009/11/11 22:20:37 | 00,000,680 | ---- | M] () -- C:\Users\Johan\AppData\Local\d3d9caps.dat
[2009/11/11 21:27:18 | 00,212,480 | ---- | M] () -- C:\Users\Johan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/11 19:48:13 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EFB5E56B-D834-4F7C-A5BE-7495746AA0BD}.job
[2009/11/11 14:16:11 | 00,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{22367A3E-C42C-440A-814E-17DD0B57FA93}.job
[2009/11/11 07:10:00 | 00,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2785142996-2003239822-1693863824-1000Core.job
[2009/11/11 04:46:00 | 00,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2785142996-2003239822-1693863824-1003Core.job
[2009/11/11 04:06:00 | 00,000,244 | ---- | M] () -- C:\Windows\tasks\System Cleanup by Zappit.job
[2009/11/11 03:00:00 | 00,000,436 | ---- | M] () -- C:\Windows\tasks\SyncBack JNPFotoArgief.job
[2009/11/10 23:14:02 | 00,582,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/11/10 00:11:34 | 00,172,032 | ---- | M] () -- C:\Windows\msa.exe
[2009/11/08 02:29:59 | 00,000,442 | ---- | M] () -- C:\Windows\tasks\SyncBack JNPScannedArgief.job
[2009/11/08 02:14:59 | 00,000,444 | ---- | M] () -- C:\Windows\tasks\SyncBack JNPGinaDocsArgief.job
[2009/11/08 01:59:59 | 00,000,436 | ---- | M] () -- C:\Windows\tasks\SyncBack JNPDocsArgief.job
[2009/11/08 01:30:00 | 00,000,448 | ---- | M] () -- C:\Windows\tasks\SyncBack JNPGeneaologyArgief.job
[2009/11/08 01:10:00 | 00,000,456 | ---- | M] () -- C:\Windows\tasks\SyncBack JNPLeatherRelatedArgief.job
[2009/11/08 01:00:01 | 00,000,440 | ---- | M] () -- C:\Windows\tasks\SyncBack JNPQuickBArgief.job
[2009/11/07 00:10:37 | 00,002,044 | ---- | M] () -- C:\Users\Johan\Desktop\Google Chrome.lnk
[2009/11/05 11:36:22 | 26,768,832 | ---- | M] () -- C:\Windows\System32\mrt.exe
[2009/11/02 20:42:06 | 00,195,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2009/11/01 13:40:17 | 00,008,893 | ---- | M] () -- C:\Users\Johan\.recently-used.xbel
[2009/10/30 23:11:05 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/10/29 18:29:08 | 02,146,304 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[2009/10/27 07:49:19 | 00,331,693 | ---- | M] () -- C:\Users\Johan\Documents\mia-pics-sep-pages.pdf
[2009/10/27 07:48:54 | 00,400,522 | ---- | M] () -- C:\Users\Johan\Documents\mia-pics-sep-pages.odt
[2009/10/27 07:48:31 | 00,400,522 | ---- | M] () -- C:\Users\Johan\Documents\mia-pics.odt
[2009/10/27 07:29:56 | 00,028,341 | ---- | M] () -- C:\Users\Johan\Documents\exhibitintro.pdf
[2009/10/27 07:29:48 | 00,012,876 | ---- | M] () -- C:\Users\Johan\Documents\exhibitintro.odt
[2009/10/27 07:24:32 | 00,331,321 | ---- | M] () -- C:\Users\Johan\Documents\mia-pics.pdf
[2009/10/27 07:19:28 | 00,028,415 | ---- | M] () -- C:\Users\Johan\Exhibit intro.pdf
[2009/10/23 17:27:06 | 00,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2009/10/20 04:16:39 | 00,108,408 | ---- | M] () -- C:\Users\Johan\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/10/19 07:36:07 | 03,599,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/10/16 15:09:01 | 00,001,891 | ---- | M] () -- C:\Users\Johan\Desktop\Rome - Total War.lnk
[2009/10/16 15:08:59 | 00,000,248 | ---- | M] () -- C:\Windows\RomeTW.ini
[27 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[27 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/11 23:52:05 | 00,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/11 22:55:05 | 00,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2009/11/11 00:07:05 | 00,000,244 | ---- | C] () -- C:\Windows\tasks\System Cleanup by Zappit.job
[2009/11/10 00:11:39 | 00,172,032 | ---- | C] () -- C:\Windows\msa.exe
[2009/11/10 00:11:35 | 00,000,240 | -H-- | C] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2009/11/10 00:11:32 | 00,000,282 | -H-- | C] () -- C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
[2009/11/10 00:11:30 | 00,000,000 | ---- | C] () -- C:\Windows\win32k.sys
[2009/11/01 13:40:17 | 00,008,893 | ---- | C] () -- C:\Users\Johan\.recently-used.xbel
[2009/10/30 23:11:05 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/10/27 07:49:17 | 00,331,693 | ---- | C] () -- C:\Users\Johan\Documents\mia-pics-sep-pages.pdf
[2009/10/27 07:48:53 | 00,400,522 | ---- | C] () -- C:\Users\Johan\Documents\mia-pics-sep-pages.odt
[2009/10/27 07:29:54 | 00,028,341 | ---- | C] () -- C:\Users\Johan\Documents\exhibitintro.pdf
[2009/10/27 07:29:46 | 00,012,876 | ---- | C] () -- C:\Users\Johan\Documents\exhibitintro.odt
[2009/10/27 07:24:30 | 00,331,321 | ---- | C] () -- C:\Users\Johan\Documents\mia-pics.pdf
[2009/10/27 07:24:19 | 00,400,522 | ---- | C] () -- C:\Users\Johan\Documents\mia-pics.odt
[2009/10/27 07:19:26 | 00,028,415 | ---- | C] () -- C:\Users\Johan\Exhibit intro.pdf
[2009/10/16 15:09:01 | 00,001,891 | ---- | C] () -- C:\Users\Johan\Desktop\Rome - Total War.lnk
[2009/10/16 15:08:59 | 00,000,248 | ---- | C] () -- C:\Windows\RomeTW.ini
[2009/09/11 02:06:20 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/07 13:10:03 | 04,089,465 | -H-- | C] () -- C:\Users\Johan\AppData\Local\IconCache.db
[2009/09/04 22:31:02 | 00,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/09/04 20:58:01 | 00,086,304 | ---- | C] () -- C:\Windows\RHVIDEO.DLL
[2009/09/04 20:56:36 | 00,029,536 | ---- | C] () -- C:\Windows\dib.drv
[2009/09/04 20:56:36 | 00,010,368 | ---- | C] () -- C:\Windows\composit.dll
[2009/09/04 20:56:36 | 00,004,148 | ---- | C] () -- C:\Windows\design.ini
[2009/08/21 15:14:21 | 00,001,409 | ---- | C] () -- C:\Windows\disney.ini
[2009/08/07 18:51:34 | 00,178,430 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/07/22 23:43:47 | 00,062,813 | ---- | C] () -- C:\Program Files\Uninstall.exe
[2009/07/18 19:59:24 | 00,196,096 | ---- | C] () -- C:\Windows\System32\macd32.dll
[2009/07/18 19:59:24 | 00,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2009/07/18 19:59:24 | 00,136,192 | ---- | C] () -- C:\Windows\System32\mamc32.dll
[2009/07/18 19:59:24 | 00,057,856 | ---- | C] () -- C:\Windows\System32\masd32.dll
[2009/07/18 19:59:24 | 00,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2009/07/18 19:59:24 | 00,000,022 | ---- | C] () -- C:\Windows\VFO.INI
[2009/07/03 22:51:36 | 00,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2009/06/19 23:01:55 | 00,110,080 | ---- | C] () -- C:\Windows\System32\w32mkrc.dll
[2009/06/19 22:44:40 | 00,000,694 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2009/06/19 22:43:28 | 00,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll
[2009/05/14 17:25:03 | 00,020,992 | ---- | C] () -- C:\Windows\jestertb.dll
[2009/05/08 09:13:04 | 00,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/05/02 23:29:50 | 00,000,680 | ---- | C] () -- C:\Users\Johan\AppData\Local\d3d9caps.dat
[2009/04/30 15:00:12 | 00,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/04/23 17:54:19 | 00,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[2009/04/11 15:43:58 | 00,001,027 | ---- | C] () -- C:\Windows\SIERRA.INI
[2009/04/11 15:41:56 | 00,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009/04/11 15:41:56 | 00,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009/04/11 15:41:56 | 00,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009/04/05 22:46:56 | 00,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2009/04/01 06:36:02 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/03/31 23:43:20 | 00,212,480 | ---- | C] () -- C:\Users\Johan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/31 22:13:49 | 00,108,408 | ---- | C] () -- C:\Users\Johan\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/03/23 23:40:17 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009/03/23 23:40:14 | 00,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
[2007/06/19 07:59:36 | 00,070,400 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2007/05/11 15:12:54 | 00,057,126 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2007/04/20 06:57:30 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007/04/20 06:57:28 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007/04/20 06:57:28 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007/04/20 06:57:28 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007/04/20 06:57:28 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007/04/20 06:57:28 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007/04/20 06:57:28 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007/04/20 06:57:28 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007/04/20 06:57:28 | 00,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/01/10 06:44:26 | 01,457,024 | R--- | C] () -- C:\Windows\System32\SSCProt.dll
[2006/11/02 06:48:00 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 06:35:51 | 00,037,665 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 06:35:51 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 06:35:51 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 06:35:51 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 04:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 04:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 02:43:04 | 00,061,952 | ---- | C] () -- C:\Windows\System32\cngaudit.dll
[2006/11/02 01:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/28 09:31:44 | 00,344,064 | ---- | C] () -- C:\Windows\System32\dlcxcoin.dll
[2006/10/20 19:07:32 | 00,106,496 | ---- | C] () -- C:\Windows\System32\dlcxinsr.dll
[2006/10/20 19:06:44 | 00,036,864 | ---- | C] () -- C:\Windows\System32\dlcxcur.dll
[2006/10/20 19:03:28 | 00,139,264 | ---- | C] () -- C:\Windows\System32\dlcxjswr.dll
[2006/10/20 18:57:40 | 00,176,128 | ---- | C] () -- C:\Windows\System32\dlcxinsb.dll
[2006/10/20 18:56:52 | 00,086,016 | ---- | C] () -- C:\Windows\System32\dlcxcub.dll
[2006/10/20 18:55:28 | 00,073,728 | ---- | C] () -- C:\Windows\System32\dlcxcu.dll
[2006/10/20 18:54:42 | 00,176,128 | ---- | C] () -- C:\Windows\System32\dlcxins.dll
[2006/10/20 18:48:38 | 00,454,656 | ---- | C] () -- C:\Windows\System32\dlcxutil.dll
[2006/10/20 18:46:42 | 00,188,416 | ---- | C] () -- C:\Windows\System32\dlcxgrd.dll
[2006/09/22 06:42:38 | 00,065,536 | ---- | C] () -- C:\Windows\System32\dlcxcaps.dll
[2006/09/06 05:13:14 | 00,073,728 | ---- | C] () -- C:\Windows\System32\dlcxcfg.dll
[2006/08/08 14:58:04 | 00,692,224 | ---- | C] () -- C:\Windows\System32\dlcxdrs.dll
[2006/04/24 14:09:58 | 00,040,960 | ---- | C] () -- C:\Windows\System32\dlcxvs.dll
[2006/03/19 18:03:04 | 00,061,440 | ---- | C] () -- C:\Windows\System32\dlcxcnv4.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:5D432CE3
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:EEDA5B17
< End of report >

BC AdBot (Login to Remove)

 


#2 JohanPotgieter

JohanPotgieter
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 12 November 2009 - 01:30 AM

...and here is the Extras.txt contents:

OTL Extras logfile created on: 11/12/2009 12:08:04 AM - Run 1
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Users\Johan\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.70 Gb Available Physical Memory | 84.94% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 283.40 Gb Total Space | 103.88 Gb Free Space | 36.65% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 9.54 Gb Free Space | 65.11% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 465.64 Gb Total Space | 442.97 Gb Free Space | 95.13% Space Free | Partition Type: FAT32

Computer Name: JOHAN-PC
Current User Name: Johan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2785142996-2003239822-1693863824-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Johan\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [- Browse with PeaZip] -- "C:\Program Files\PeaZip\PEAZIP.EXE" "-ext2browse" "%1" (Giorgio Tani)
Directory [+ Add to separate archive(s)] -- "C:\Program Files\PeaZip\PEAZIP.EXE" "-add2archive" "%1" (Giorgio Tani)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{048B0395-619C-4B99-B348-83CD35819891}" = lport=40093 | protocol=6 | dir=in | name=streaming web cam |
"{066E1A7B-562D-400B-8A0B-A06E400D2CC7}" = lport=137 | protocol=17 | dir=in | app=system |
"{18413A72-0BF2-42E5-9CAE-0F80DF06098E}" = lport=445 | protocol=6 | dir=in | app=system |
"{414D112A-109B-4CAD-AA7A-A9AF8A0B81AF}" = rport=137 | protocol=17 | dir=out | app=system |
"{41D10BD3-FC60-4AF4-8DD5-76F2A0D76FD1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6DBEE302-8FE8-4878-9BDF-04783B6D5215}" = lport=40092 | protocol=6 | dir=in | name=streaming web cam |
"{6E941FD3-7FDE-4762-AA6B-0653157A15F8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6F19F5F8-FAA8-417E-851D-B22D9F74248E}" = rport=138 | protocol=17 | dir=out | app=system |
"{71F288DB-AC51-46BA-9142-22392A3E9A5E}" = rport=445 | protocol=6 | dir=out | app=system |
"{76F60722-1670-42FF-BACE-9F85485473E7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A8BBC391-8F2E-4A41-96D0-55D105F4316C}" = lport=40094 | protocol=6 | dir=in | name=streaming web cam |
"{B1E5BE08-382F-4DA8-B785-216DFDDAC8B6}" = lport=139 | protocol=6 | dir=in | app=system |
"{B73C38A4-68E9-404D-96DE-57409F6F85FB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E359715B-0F35-414C-91E8-2842F7E3A636}" = lport=40091 | protocol=6 | dir=in | name=streaming web cam |
"{E3F4CB1F-AC62-47D1-B94D-FE6BF6757C46}" = lport=40090 | protocol=6 | dir=in | name=streaming web cam |
"{EFFC6613-B050-4C9D-99A0-E2FBC709DB1F}" = rport=139 | protocol=6 | dir=out | app=system |
"{F37ADFF3-8A35-4186-B781-A3457FC776DA}" = lport=40080 | protocol=6 | dir=in | name=remote access media server |
"{F84CD9C9-D5FA-4623-AE0B-8321D1E12D83}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D3C526-288A-4985-BC60-79640870DC3D}" = protocol=17 | dir=in | app=c:\program files\common files\dell\remote access file sync service\dsl_fs_sync.exe |
"{050E13F2-C5FC-468E-9779-3DE5508A43DE}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 10\programs\rm.exe |
"{084930D4-57A8-4C92-8844-A250DF8E2457}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 10\programs\pmsregisterfile.exe |
"{0885B994-6351-416C-858C-9E4E46646818}" = protocol=6 | dir=in | app=c:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{0AA66C07-D426-4E7F-A577-84E0D40906AF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{140B2B01-D5D5-4574-84BC-0132B118BCBF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1509ECB3-62BE-48D9-9170-A69C1540CE43}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1540FEA8-B6DD-47E3-85EA-DC9EEC6F4C71}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 10\programs\umi.exe |
"{171274E6-1B38-4C0D-BE3C-EE47F8E64782}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 10\programs\umi.exe |
"{2045CDA8-532D-4614-9C9F-06D548329304}" = protocol=17 | dir=in | app=c:\program files\common files\dell\apache\bin\httpd.exe |
"{2D75B43F-09F2-45F9-A9E2-2ECB754F954D}" = protocol=17 | dir=in | app=c:\program files\audio bible ambassador\aba3.exe |
"{369B9203-215C-4868-B9E6-9EB58BCDB3D6}" = protocol=17 | dir=in | app=c:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{3CBC985E-88B6-4B09-B980-EC21BA0D4DC8}" = protocol=17 | dir=in | app=c:\program files\dell remote access\ezi_ra.exe |
"{402116CF-31A9-4404-8DF9-1BB0D773B986}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{422C8B6A-55A4-4A4C-B3AC-8C072D42F3AF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4431B66B-7100-43F7-B99C-FFB6101BFA1C}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 10\programs\rm.exe |
"{563CD61A-9B9D-41AC-AF1E-169CCFE7AD8D}" = protocol=6 | dir=in | app=c:\program files\common files\dell\apache\php.exe |
"{5959AE5F-A99C-41DA-A6DA-067451FEE63B}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 10\programs\pmsregisterfile.exe |
"{61645BA9-7FC1-41A0-B308-B502F46CB5EB}" = protocol=6 | dir=in | app=c:\program files\common files\dell\mysql\bin\mysqld.exe |
"{6269E625-B262-494A-AEA4-0DD20235F69E}" = protocol=17 | dir=in | app=c:\program files\audio bible ambassador\webupdater.exe |
"{6AEC4F2A-4578-4BD0-BAB2-8BD86C4D15BE}" = protocol=17 | dir=in | app=c:\program files\common files\dell\mysql\bin\mysql.exe |
"{6DF494D0-B202-44FC-A1FB-3743DB65C31F}" = protocol=6 | dir=in | app=c:\program files\common files\dell\advanced networking service\hnm_svc.exe |
"{75CE96F1-6F27-49A0-859E-0AA5034E6DE9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8237156B-E813-4EDC-BA5F-04534D016619}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{82E45584-220A-45D0-8E9C-66E73AC39C73}" = protocol=17 | dir=in | app=c:\program files\common files\dell\mysql\bin\mysqld.exe |
"{8DD4E4FB-84E6-44B2-86A2-50CB3C24D13D}" = protocol=17 | dir=in | app=c:\program files\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{91B6F272-D8BB-4F5F-9870-E426AB36A668}" = protocol=17 | dir=in | app=c:\program files\common files\dell\advanced networking service\hnm_svc.exe |
"{92F1AB5A-952A-4607-A51A-362431C250AE}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 10\programs\studio.exe |
"{98258D20-1E86-4F6C-9300-008ED0BE5813}" = protocol=6 | dir=in | app=c:\program files\audio bible ambassador\webupdater.exe |
"{A21ADAB2-4C7B-482D-B0E9-4ADBD549939D}" = protocol=6 | dir=in | app=c:\program files\common files\dell\remote access file sync service\dsl_fs_sync.exe |
"{A8343F37-77CD-4575-92FF-1747D94D8781}" = protocol=6 | dir=in | app=c:\program files\common files\dell\vlc\vlc.exe |
"{ABA9A35B-6AAD-4584-9D12-7068AF190B78}" = protocol=17 | dir=in | app=c:\program files\electronic arts\medal of honor airborne\unrealengine3\binaries\moha.exe |
"{B3C9F97B-5313-413F-BC14-06B48F0B96A5}" = protocol=6 | dir=in | app=c:\program files\electronic arts\medal of honor airborne\unrealengine3\binaries\moha.exe |
"{B58A1956-0CC7-47CA-9BFA-BE45A5888920}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{C3E5B767-9E7D-453F-A4AF-CA4D352F0A98}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C4EC27AA-11F2-4D00-B351-7F49EF27EDA5}" = protocol=6 | dir=in | app=c:\windows\system32\dlcxcoms.exe |
"{C5D12088-9A20-48E8-850C-55C7EA2DBB10}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C9F284BB-3867-4156-84C8-CFE55566D340}" = protocol=17 | dir=in | app=c:\windows\system32\dlcxcoms.exe |
"{CA463A29-3402-4D48-92AC-BAD336A0C3EA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{CE401AF0-0872-4363-AC91-72FEFAAA098A}" = protocol=17 | dir=in | app=c:\program files\common files\dell\vlc\vlc.exe |
"{D7B0CE4C-B915-4E1A-A374-73CA40E1CDF1}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 10\programs\studio.exe |
"{D80D86E6-416F-48E8-BADA-42252169B6FF}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{D85AE5C7-CD66-46E5-B2D5-483B3C450BE6}" = protocol=6 | dir=in | app=c:\program files\audio bible ambassador\aba3.exe |
"{D92CB99A-805B-480C-81A1-51B38420647B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DDD2B2DF-BF16-4D21-AA9D-5ED2BF3DF6B4}" = protocol=6 | dir=in | app=c:\program files\common files\dell\apache\bin\httpd.exe |
"{E1744F8F-9A91-49F3-98E4-5AAF61F623A0}" = protocol=6 | dir=in | app=c:\program files\dell remote access\ezi_ra.exe |
"{F668ED20-9CD8-4265-822A-50023AE18890}" = protocol=6 | dir=in | app=c:\program files\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{FCAEFE08-3A8A-4039-80CC-E6257BC19A07}" = protocol=6 | dir=in | app=c:\program files\common files\dell\mysql\bin\mysql.exe |
"{FFD90493-0A78-41C7-AC67-2BF542BCC84C}" = protocol=17 | dir=in | app=c:\program files\common files\dell\apache\php.exe |
"TCP Query User{03425EF8-1FE7-4F94-8A73-B8E4B489AC94}C:\users\johan\eve\bin\exefile.exe" = protocol=6 | dir=in | app=c:\users\johan\eve\bin\exefile.exe |
"TCP Query User{48F278C6-E046-45CA-BE76-ADD571C3793E}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{6C290ACF-ED6F-4C84-9B0C-F67BE083E002}C:\program files\microsoft games\age of empires\empires.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe |
"TCP Query User{84B509DB-45CC-4F57-A8DE-E18FB5C6AFF8}C:\users\johan\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\johan\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{8D1744AB-D22C-46CC-98A6-4AF840B7BC0C}C:\sierra\empire earth - the art of conquest\ee-aoc.exe" = protocol=6 | dir=in | app=c:\sierra\empire earth - the art of conquest\ee-aoc.exe |
"TCP Query User{D9C1A42A-6E43-432A-8F31-1EFEC0684FE9}C:\program files\steam\steamapps\common\dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe |
"TCP Query User{ED6C968A-D744-43E2-B16E-A1AD5710FFC8}C:\sierra\empire earth\empire earth.exe" = protocol=6 | dir=in | app=c:\sierra\empire earth\empire earth.exe |
"UDP Query User{18D62888-735A-42EC-8A4F-8B5D7C0090D2}C:\sierra\empire earth - the art of conquest\ee-aoc.exe" = protocol=17 | dir=in | app=c:\sierra\empire earth - the art of conquest\ee-aoc.exe |
"UDP Query User{2749AFE6-CD14-461E-B58E-E82814A053AB}C:\sierra\empire earth\empire earth.exe" = protocol=17 | dir=in | app=c:\sierra\empire earth\empire earth.exe |
"UDP Query User{3C1A4F5C-B575-4A51-BD1E-7EBD671AB089}C:\program files\microsoft games\age of empires\empires.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires\empires.exe |
"UDP Query User{72A0EB34-7E42-40FD-AE9C-93D9495A8AC4}C:\users\johan\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\johan\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{80933E58-AF1D-44C5-85B5-248DA9AB3AB6}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{B880C119-0CB5-4FEC-A779-7BE7BADA4323}C:\users\johan\eve\bin\exefile.exe" = protocol=17 | dir=in | app=c:\users\johan\eve\bin\exefile.exe |
"UDP Query User{EE1CB883-BF88-49F3-A1FA-8C3F8DBBF6A8}C:\program files\steam\steamapps\common\dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{01CBFCE7-95AD-40F3-BC63-C46EFB2FC9C4}" = Pirates of the Caribbean - At Worlds End
"{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades
"{03B25762-461B-22C8-9AF0-170F3D749061}" = Catalyst Control Center Graphics Previews Vista
"{03BF49A6-A643-A836-0732-2467E9A6B911}" = Catalyst Control Center Localization Korean
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0AC7F464-85E9-337D-B100-DC178C14A699}" = Catalyst Control Center Core Implementation
"{0BC1B842-C298-99E6-D0A8-FA3B33A07C5C}" = Catalyst Control Center Localization German
"{0BF215E3-C97F-7BF3-96D0-9C7D3F5FF9B4}" = Catalyst Control Center Localization Chinese Traditional
"{0D1303D7-3918-3014-E119-33DBB649BE86}" = Catalyst Control Center Localization Spanish
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{138BF761-BFAA-29BB-B755-91262DE91A19}" = ccc-core-static
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{162981A5-050A-3DDA-2477-49724E334DEF}" = CCC Help Spanish
"{18A265FA-A1F2-413E-940E-A6A255733CA3}" = ZHelp
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 16
"{276B965A-AC01-955C-E678-C8D25C58A42B}" = Catalyst Control Center Graphics Previews Common
"{28981DB1-9F50-40EE-A51A-1B589FA42C2B}" = ConceptDraw MINDMAP 5 Professional
"{2B83C858-A352-1E5D-0052-C326C815F3C4}" = CCC Help Japanese
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3D8F9830-D6A3-413A-9A54-993827A73E47}" = DELL0604
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{5370D92F-CF5A-4A38-DE84-151F9F58BCB2}" = Catalyst Control Center Localization Italian
"{56CDA83B-BC0B-A4A7-BD48-1176A6C97033}" = Catalyst Control Center Graphics Light
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 2.6
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{6084D038-3401-4C9D-A216-86E6EEA25AFB}" = ZBrush3
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{63EB4545-0CB5-35FE-D20C-F8E6995703F3}" = Catalyst Control Center Localization French
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1" = Auslogics Duplicate File Finder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{712A51A2-68F2-17D2-E3EB-C199DA0E0BE0}" = Catalyst Control Center Localization Portuguese
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.11.0
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{88477E65-A679-2CAE-645A-5073ED86715B}" = CCC Help Portuguese
"{888FFC82-688D-46AB-A776-B417885432B6}" = Zune
"{88DCB080-7A56-5697-4407-21BD03DCE401}" = Catalyst Control Center Graphics Full New
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AC7ACAD-10E5-E7F4-481A-29C4C8B19990}" = Catalyst Control Center Graphics Full Existing
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PUBLISHERR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PUBLISHERR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PUBLISHERR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PUBLISHERR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PUBLISHERR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PUBLISHERR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0019-0000-0000-0000000FF1CE}" = Microsoft Office Publisher 2007
"{91120000-0019-0000-0000-0000000FF1CE}_PUBLISHERR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0019-0000-0000-0000000FF1CE}_PUBLISHERR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9870C7AE-7C6A-478D-9A75-35827382220F}" = Pinnacle Systems USB-2 Device Drivers
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{99D8CE0E-20C7-3761-5F90-0E1329A55824}" = CCC Help Hungarian
"{9A2F0810-3619-4E86-9072-973FBE1679C5}" = QuickBooks Simple Start 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9C2F79E2-4B21-E840-CF5B-FF1EE52E5B9F}" = Catalyst Control Center Localization Chinese Standard
"{9C48DCA4-00C2-449C-88D8-B1EE1692B44F}" = Safari
"{A029AD64-F8F2-09AD-E29B-623B4BBF872C}" = CCC Help French
"{A09B8374-BD00-63EB-9616-E624A44EF877}" = CCC Help German
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A28D08AE-3FBD-EBDB-BA28-CE719F699E48}" = CCC Help Chinese Standard
"{A3111537-BA7A-C129-1E6B-E2C77DCA3AD2}" = CCC Help Italian
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War™
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{ABBACAD2-4DAF-490E-932B-E330B33FCF98}" = Softi FreeOCR
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2050314-D2DF-6589-E155-5E4E8F8AB3D4}" = Catalyst Control Center Localization Turkish
"{B49C924C-A651-4378-94F6-5D9BF44A959F}" = Empire Earth - The Art of Conquest
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BBC783B7-8725-3B1C-B49A-BA7F09391251}" = Google Talk Plugin
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C2112C02-1BCA-A86F-F6E1-264CCE43F451}" = CCC Help Chinese Traditional
"{C2D541C2-B516-B049-EC3F-41B7A8E1C72D}" = ccc-utility
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CDA2EBE1-999C-48FB-DF9A-81C789900BFF}" = CCC Help Turkish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D68F16A7-9447-8A92-7EF3-A4E26B2A95EE}" = CCC Help English
"{DE27264D-7CA0-3317-7192-C64F0B7D9AB3}" = Catalyst Control Center Localization Japanese
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E044161D-75F5-3EC5-2BDA-42D106E602D2}" = CCC Help Korean
"{E112EC9E-B411-F3E0-EF02-C0D21C09F329}" = Catalyst Control Center Localization Hungarian
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{EA778E78-0B7B-05AE-A72F-AF484D201DFB}" = Skins
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F66A31D9-7831-4FBA-BA02-C411C0047CC5}" = Dell Remote Access
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{FC66E05E-8D39-47A6-8D07-759F33727EB0}" = Opera 10.00
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1190-3857-8766-9166" = PersonalBrain 5
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
"AudibleManager" = AudibleManager
"Audio Bible Ambassador_is1" = Audio Bible Ambassador 1.0
"Brother's Keeper 6.3" = Brother's Keeper 6.3
"Caesar 3" = Caesar 3
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"doPDF 6 printer_is1" = doPDF 6.2 printer
"Duplicate Cleaner_is1" = Duplicate Cleaner 1.4.3
"eMachineShop" = eMachineShop
"EVE" = EVE Online (remove only)
"Family Tree Builder" = MyHeritage Family Tree Builder
"Genealogica Grafica_is1" = Genealogica Grafica
"GenealogicaGrafica_is1" = GenealogicaGrafica
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"HTMLKit_is1" = HTML-Kit
"ImgBurn" = ImgBurn
"Inkscape" = Inkscape 0.46
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War™
"InstallShield_{BD57EA4D-026E-4F08-9B93-080E282B81FE}" = iPod for Windows 2006-06-28
"IrfanView" = IrfanView (remove only)
"LimeWire" = LimeWire 5.1.3
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"PDF-to-Image 1.0" = PDF-to-Image 1.0
"Picasa 3" = Picasa 3
"ProcessScanner_is1" = Uniblue ProcessScanner
"PROSetDX" = Intel® PRO Network Connections 12.1.11.0
"PUBLISHERR" = Microsoft Office Publisher 2007 Trial
"RealPlayer 6.0" = RealPlayer
"SimCity 3000" = SimCity 3000
"SkypeForFireFox_is1" = Skype Plugin for Firefox
"Steam App 15620" = Warhammer 40,000: Dawn of War II
"SyncBack_is1" = SyncBack
"TeamViewer 4" = TeamViewer 4
"ToolBox" = NCH Toolbox
"Train Simulator 1.0" = Microsoft Train Simulator
"TreeSize Free_is1" = TreeSize Free V2.3
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zappit! System Cleaner by Cloudeight_is1" = Zappit!
"Zune" = Zune

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2785142996-2003239822-1693863824-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"FileZilla Client" = FileZilla Client 3.2.4.1
"Google Chrome" = Google Chrome

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2785142996-2003239822-1693863824-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"FileZilla Client" = FileZilla Client 3.2.4.1
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/4/2009 2:28:32 PM | Computer Name = Johan-PC | Source = EventSystem | ID = 4609
Description =

Error - 11/4/2009 4:17:42 PM | Computer Name = Johan-PC | Source = Application Error | ID = 1000
Description = Faulting application dlcxPSWX.EXE, version 4.48.0.0, time stamp 0x45386386,
faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821, exception
code 0xc0000005, fault offset 0x00039861, process id 0x118c, application start time
0x01ca5d8bdc0efc93.

Error - 11/4/2009 4:33:56 PM | Computer Name = Johan-PC | Source = EventSystem | ID = 4609
Description =

Error - 11/4/2009 4:36:48 PM | Computer Name = Johan-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/4/2009 7:34:05 PM | Computer Name = Johan-PC | Source = EventSystem | ID = 4621
Description =

Error - 11/5/2009 4:42:28 AM | Computer Name = Johan-PC | Source = EventSystem | ID = 4621
Description =

Error - 11/5/2009 9:23:10 AM | Computer Name = Johan-PC | Source = EventSystem | ID = 4621
Description =

Error - 11/5/2009 11:13:36 PM | Computer Name = Johan-PC | Source = EventSystem | ID = 4621
Description =

Error - 11/6/2009 1:29:51 AM | Computer Name = Johan-PC | Source = EventSystem | ID = 4621
Description =

Error - 11/6/2009 9:23:24 AM | Computer Name = Johan-PC | Source = EventSystem | ID = 4621
Description =

[ System Events ]
Error - 11/12/2009 12:56:58 AM | Computer Name = Johan-PC | Source = netbt | ID = 4321
Description = The name "ALFRIDA :0" could not be registered on the interface
with IP address 192.168.0.3. The computer with the IP address 192.168.0.7 did not
allow the name to be claimed by this computer.

Error - 11/12/2009 1:00:13 AM | Computer Name = Johan-PC | Source = netbt | ID = 4321
Description = The name "ALFRIDA :0" could not be registered on the interface
with IP address 192.168.0.3. The computer with the IP address 192.168.0.7 did not
allow the name to be claimed by this computer.

Error - 11/12/2009 1:08:07 AM | Computer Name = Johan-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 11/12/2009 1:08:12 AM | Computer Name = Johan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 11/12/2009 1:10:26 AM | Computer Name = Johan-PC | Source = netbt | ID = 4321
Description = The name "ALFRIDA :0" could not be registered on the interface
with IP address 192.168.0.3. The computer with the IP address 192.168.0.7 did not
allow the name to be claimed by this computer.

Error - 11/12/2009 1:20:37 AM | Computer Name = Johan-PC | Source = netbt | ID = 4321
Description = The name "ALFRIDA :0" could not be registered on the interface
with IP address 192.168.0.3. The computer with the IP address 192.168.0.7 did not
allow the name to be claimed by this computer.

Error - 11/12/2009 1:30:43 AM | Computer Name = Johan-PC | Source = netbt | ID = 4321
Description = The name "ALFRIDA :0" could not be registered on the interface
with IP address 192.168.0.3. The computer with the IP address 192.168.0.7 did not
allow the name to be claimed by this computer.

Error - 11/12/2009 1:40:48 AM | Computer Name = Johan-PC | Source = netbt | ID = 4321
Description = The name "ALFRIDA :0" could not be registered on the interface
with IP address 192.168.0.3. The computer with the IP address 192.168.0.7 did not
allow the name to be claimed by this computer.

Error - 11/12/2009 1:50:50 AM | Computer Name = Johan-PC | Source = netbt | ID = 4321
Description = The name "ALFRIDA :0" could not be registered on the interface
with IP address 192.168.0.3. The computer with the IP address 192.168.0.7 did not
allow the name to be claimed by this computer.

Error - 11/12/2009 2:00:57 AM | Computer Name = Johan-PC | Source = netbt | ID = 4321
Description = The name "ALFRIDA :0" could not be registered on the interface
with IP address 192.168.0.3. The computer with the IP address 192.168.0.7 did not
allow the name to be claimed by this computer.


< End of report >

#3 JohanPotgieter

JohanPotgieter
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 15 November 2009 - 12:51 AM

I thought I had OTL downloaded and its logs run, but now I cannot find it anywhere. I do not seem able to run Hijack this either...

Please help!

#4 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:03:10 AM

Posted 15 November 2009 - 04:18 PM

A merge of 2 topics.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users