Thank you for your help. I copied over OTL; it spit out "extras.txt", but I'll assume they are the same. I should add that I had, between now and when I posted (I couldn't find a way to edit my original post) that I ran Avast on startup; it found that "bamital-x" had infected explorer.exe and wininit.exe.
OTL.txt is as follows; followed by extras.txt
FOTL logfile created on: 8/31/2010 11:11:51 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Krug_Jona\Desktop
Windows Vista Enterprise Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 93.16 Gb Total Space | 11.53 Gb Free Space | 12.37% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 498.99 Mb Total Space | 498.43 Mb Free Space | 99.89% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: 002186984B81
Current User Name: Krug_Jona
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010/08/31 23:09:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Krug_Jona\Desktop\OTL.exe
PRC - [2010/07/31 21:04:59 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/07/31 21:04:56 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/12/14 17:03:41 | 000,149,904 | ---- | M] (Microsoft ® Corporation) -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
PRC - [2009/10/03 00:34:42 | 000,015,216 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
PRC - [2008/01/20 22:23:25 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2007/12/14 16:37:38 | 000,058,224 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2007/11/02 15:51:02 | 000,036,136 | ---- | M] (Lenovo) -- C:\Windows\System32\ibmpmsvc.exe
PRC - [2007/10/16 18:33:00 | 000,037,424 | ---- | M] (Lenovo.) -- C:\Windows\System32\TPHDEXLG.exe
PRC - [2007/05/17 17:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2007/02/06 08:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007/01/30 12:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) -- C:\Windows\System32\IPSSVC.EXE
PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/12/22 07:31:50 | 000,108,712 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
========== Modules (SafeList) ==========
MOD - [2010/08/31 23:09:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Krug_Jona\Desktop\OTL.exe
MOD - [2008/01/20 22:24:11 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/20 22:23:20 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\ComboFix\PEV.cfx -- (PEVSystemStart)
SRV - [2010/08/09 18:08:29 | 000,468,368 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\DOWNLO~1\DMService.exe -- (DMService)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/06/28 16:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/14 17:03:41 | 000,149,904 | ---- | M] (Microsoft ® Corporation) [Auto | Running] -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe -- (uagqecsvc)
SRV - [2009/10/31 12:28:25 | 000,320,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008/01/20 22:23:07 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/14 16:37:38 | 000,058,224 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2007/11/02 15:51:02 | 000,036,136 | ---- | M] (Lenovo) [Auto | Running] -- C:\Windows\System32\ibmpmsvc.exe -- (IBMPMSVC)
SRV - [2007/10/25 16:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007/10/18 12:31:54 | 000,098,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007/10/16 18:33:00 | 000,037,424 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\System32\TPHDEXLG.exe -- (TPHDEXLGSVC)
SRV - [2007/05/17 17:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2007/02/06 08:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007/01/30 12:05:02 | 000,108,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Windows\System32\IPSSVC.EXE -- (IPSSVC)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/22 07:31:50 | 000,108,712 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\HECI.sys -- (HECI) Intel®
DRV - [2010/06/28 16:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/06/28 16:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/06/28 16:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/06/28 16:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/06/28 16:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/02/11 15:19:04 | 000,030,144 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2009/09/01 17:59:44 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/01/29 13:46:51] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009/05/08 10:02:18 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008/12/01 12:52:14 | 000,103,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008/11/15 09:17:00 | 007,590,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/07/21 08:11:58 | 000,024,392 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2008/03/05 18:43:32 | 000,223,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2008/01/20 22:23:01 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:23:01 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:01 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:00 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:00 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:00 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:00 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008/01/20 22:23:00 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:22:59 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:22:59 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 22:22:59 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:22:59 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:22:58 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:22:58 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:22:58 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:22:58 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:22:57 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:22:57 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:22:56 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:22:55 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:22:55 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:22:55 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/20 22:22:55 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:22:54 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:22:36 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:22:36 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/20 22:22:35 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/11 02:20:00 | 000,012,080 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\TPPWR32V.SYS -- (TPPWRIF)
DRV - [2007/12/07 10:13:04 | 000,348,160 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2007/11/26 23:47:30 | 002,252,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/11/21 18:08:58 | 000,181,168 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/11/02 15:50:30 | 000,021,808 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV - [2007/11/01 16:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/11/01 16:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/11/01 16:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/10/18 14:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/10/16 18:33:00 | 000,103,472 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2007/10/16 18:32:00 | 000,019,504 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2007/09/29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007/04/10 17:46:48 | 001,966,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2007/03/21 22:02:00 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 14:42:00 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 16:40:00 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/06 17:24:56 | 000,012,080 | ---- | M] (Lenovo Group Limited) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PROCDD.SYS -- (PROCDD)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/10/13 03:21:00 | 000,020,512 | ---- | M] (EnTech Taiwan) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TVicPort.sys -- (TVicPort)
DRV - [2006/09/13 13:42:44 | 000,035,264 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2006/08/30 19:04:04 | 000,013,744 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2005/05/17 10:20:06 | 000,015,872 | ---- | M] (Atmel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atmeltpm.sys -- (atmeltpm)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.bentley.edu
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52880
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/09 18:04:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/31 21:05:06 | 000,000,000 | ---D | M]
[2010/08/28 18:29:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/25 15:46:47 | 000,061,848 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2008/07/14 12:12:20 | 000,001,004 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bentley-library-catalog.xml
O1 HOSTS File: ([2008/02/22 00:00:16 | 000,000,808 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 HPSystem # LMS GENERATED LINE
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Krug_Jona\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [BLOG] C:\Program Files\ThinkPad\Utilities\BTVLOGEX.DLL ()
O4 - HKLM..\Run: [LPMailChecker] C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [LPManager] C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [rundll32] C:\Windows\System32\ntload.exe (bukrwl)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe (Lenovo)
O4 - HKLM..\Run: [TpShocks] C:\Windows\System32\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKCU..\Run: [rundll32] C:\Users\Krug_Jona\rundll32.exe File not found
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [combofix] C:\ComboFix\CF20337.cfx File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Download All By FlashGet3 - C:\Users\Krug_Jona\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download By FlashGet3 - C:\Users\Krug_Jona\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send To CaseMap - C:\Windows\System32\lnToCM.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: bentley.edu ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: bentley.edu ([owa] https in Trusted sites)
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A}
https://cehomenet.coned.com/InternalSite/WhlCompMgr.cab (Forefront UAG endpoint components)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B70D738E-B839-413B-9555-D108643E05B9}
http://deploy.bentley.edu/controls/BentleyUpdate07.CAB (BentleyUpdate07.BentleyUpdates07)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 128.239.29.9 128.239.20.9
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\Windows\Downloaded Program Files\mimectl.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Windows\system32\ntload.exe) - C:\Windows\System32\ntload.exe (bukrwl)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O24 - Desktop WallPaper: C:\Users\Krug_Jona\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Krug_Jona\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{868585ca-42b2-11dd-82c1-000ffe7f6716}\Shell - "" = AutoRun
O33 - MountPoints2\{868585ca-42b2-11dd-82c1-000ffe7f6716}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{f6fc0768-3bd8-11de-9884-002186984b81}\Shell - "" = AutoRun
O33 - MountPoints2\{f6fc0768-3bd8-11de-9884-002186984b81}\Shell\AutoRun\command - "" = G:\Setup.EXE -- File not found
O33 - MountPoints2\{f6fc0768-3bd8-11de-9884-002186984b81}\Shell\verb0\command - "" = \SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
MsConfig - StartUpReg:
Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg:
Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg:
AnyDVD - hkey= - key= - C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
MsConfig - StartUpReg:
avast5 - hkey= - key= - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
MsConfig - StartUpReg:
BDRegion - hkey= - key= - C:\Program Files\CyberLink\Shared Files\brs.exe (cyberlink)
MsConfig - StartUpReg:
Cobian Backup 9 - hkey= - key= - C:\Program Files\Cobian Backup 9\Cobian.exe (Luis Cobian)
MsConfig - StartUpReg:
combofix - hkey= - key= - C:\ComboFix\CF20337.cfx File not found
MsConfig - StartUpReg:
DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig - StartUpReg:
DivX Free Codec - hkey= - key= - C:\Program Files\DivX Free Codec\Divx Free Update.exe ()
MsConfig - StartUpReg:
DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg:
iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg:
LifeCam - hkey= - key= - C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
MsConfig - StartUpReg:
Malwarebytes Anti-Malware (reboot) - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
MsConfig - StartUpReg:
PDVD9LanguageShortcut - hkey= - key= - C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
MsConfig - StartUpReg:
QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg:
RemoteControl9 - hkey= - key= - C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
MsConfig - StartUpReg:
Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg:
TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - State: "startup" - 2
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0EEB34F6-991D-4a1b-8EEB-772DA0EADB22} - Microsoft Office Communicator 2005
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.3
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {b0f84fec-95ad-4f3e-8fc0-6bc1bbadbf0d} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
========== Files/Folders - Created Within 30 Days ==========
[2010/08/24 02:52:25 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/08/24 02:52:25 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/08/24 02:52:25 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/08/24 02:52:19 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/24 02:52:18 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010/08/24 02:52:18 | 000,000,000 | --SD | C] -- \ComboFix
[2010/08/24 02:51:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/08/24 02:51:58 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/08/24 02:51:58 | 000,000,000 | ---D | C] -- \32788R22FWJFW
[2010/08/24 02:47:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/08/24 02:47:48 | 000,000,000 | ---D | C] -- \Qoobox
[2010/08/24 01:41:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/08/24 01:41:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/08/24 01:41:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/24 01:41:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/24 01:41:26 | 000,000,000 | ---D | C] -- C:\F43D.tmp
[2010/08/24 01:41:26 | 000,000,000 | ---D | C] -- \F43D.tmp
[2010/08/23 12:04:24 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr
[2010/08/23 12:04:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/08/18 17:31:54 | 000,000,000 | ---D | C] -- C:\Users\Krug_Jona\Evil Genius saved layouts
[2010/08/11 11:24:50 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010/08/11 11:24:45 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/08/11 11:24:42 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/08/11 11:24:42 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/08/11 11:24:42 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/08/11 11:24:41 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/08/11 11:24:41 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/08/11 11:24:41 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/08/11 11:24:41 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/08/11 11:24:41 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/08/11 11:24:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/08/11 11:24:32 | 002,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/08/11 11:24:30 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/08/11 11:24:27 | 003,598,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/08/11 11:24:27 | 003,545,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/08/09 18:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Forefront UAG
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
[1 \*.tmp files -> \*.tmp -> ]
[1 \*.tmp files -> \*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/08/31 23:12:05 | 004,456,448 | -HS- | M] () -- C:\Users\Krug_Jona\ntuser.dat
[2010/08/31 23:11:50 | 000,707,392 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/31 23:11:50 | 000,607,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/31 23:11:50 | 000,105,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/31 23:11:16 | 000,085,217 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/31 23:10:42 | 000,085,217 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/31 23:08:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/29 13:27:50 | 000,004,000 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/29 13:27:50 | 000,004,000 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/28 18:17:50 | 000,025,181 | ---- | M] () -- C:\Windows\System32\PROCDB.INI
[2010/08/28 18:17:48 | 000,000,380 | ---- | M] () -- C:\Windows\System32\IPSCtrl.INI
[2010/08/28 18:17:47 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/28 18:17:21 | 2112,143,360 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/27 03:22:48 | 000,524,288 | -HS- | M] () -- C:\Users\Krug_Jona\ntuser.dat{c31aa4c2-3b49-11de-a673-002186984b81}.TMContainer00000000000000000001.regtrans-ms
[2010/08/27 03:22:48 | 000,065,536 | -HS- | M] () -- C:\Users\Krug_Jona\ntuser.dat{c31aa4c2-3b49-11de-a673-002186984b81}.TM.blf
[2010/08/24 10:07:37 | 274,272,502 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/24 01:41:50 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/24 01:12:33 | 000,000,708 | ---- | M] () -- C:\ProgramData\.wtav
[2010/08/23 13:39:48 | 000,002,657 | ---- | M] () -- C:\Users\Krug_Jona\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook 2007.lnk
[2010/08/23 12:04:50 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/08/23 11:50:13 | 000,002,619 | ---- | M] () -- C:\Users\Krug_Jona\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office PowerPoint 2007.lnk
[2010/08/22 19:15:11 | 000,002,651 | ---- | M] () -- C:\Users\Krug_Jona\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2010/08/12 13:19:27 | 000,000,632 | ---- | M] () -- C:\Windows\Sofplat.INI
[2010/08/12 03:24:41 | 000,413,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/10 23:09:55 | 000,000,424 | ---- | M] () -- C:\Windows\System32\secustat.dat
[2010/08/10 23:06:11 | 000,001,477 | ---- | M] () -- C:\Windows\System32\secushr.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/08/24 15:13:52 | 2112,143,360 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/24 15:13:52 | 2112,143,360 | -HS- | C] () --
[2010/08/24 02:52:25 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/08/24 02:52:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/08/24 02:52:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/08/24 02:52:25 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/08/24 02:52:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/08/24 01:41:50 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/24 01:12:46 | 000,000,360 | ---- | C] () -- \rkill.log
[2010/08/24 00:59:09 | 000,000,708 | ---- | C] () -- C:\ProgramData\.wtav
[2010/08/12 13:19:27 | 000,000,632 | ---- | C] () -- C:\Windows\Sofplat.INI
[2010/07/31 20:48:20 | 000,000,000 | ---- | C] () -- \conmgr.log
[2010/07/31 20:47:18 | 003,566,434 | ---- | C] () -- C:\Windows\System32\fun_avcodec.dll
[2010/07/31 20:47:18 | 000,827,392 | ---- | C] () -- C:\Windows\System32\Mpeg4System.dll
[2010/07/31 20:47:18 | 000,167,936 | ---- | C] () -- C:\Windows\System32\Mpeg4Tools.dll
[2010/07/31 20:47:18 | 000,122,880 | ---- | C] () -- C:\Windows\System32\Mpeg4DSF.dll
[2010/07/31 20:47:18 | 000,042,108 | ---- | C] () -- C:\Windows\System32\fun_avutil.dll
[2010/07/31 20:47:17 | 000,241,664 | ---- | C] () -- C:\Windows\System32\AMR.dll
[2010/07/31 20:47:17 | 000,057,344 | ---- | C] () -- C:\Windows\System32\EvrcDecDll.dll
[2010/07/31 20:47:17 | 000,057,344 | ---- | C] () -- C:\Windows\System32\AMRDSF.dll
[2010/05/20 15:53:18 | 000,000,179 | ---- | C] () -- \Debug.log
[2010/03/14 19:23:43 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/02/11 16:42:26 | 000,001,732 | ---- | C] () -- \tvtpktfilter.dat
[2010/01/28 19:05:55 | 000,102,400 | ---- | C] () -- C:\Windows\System32\LNToCMCrypt.dll
[2009/09/19 18:32:10 | 000,339,968 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2009/09/19 18:32:10 | 000,114,688 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2009/08/31 09:28:08 | 000,000,000 | ---- | C] () -- C:\Windows\leogeo_timebeat.ini
[2009/08/27 03:07:35 | 000,000,268 | -H-- | C] () -- \sqmdata01.sqm
[2009/08/27 03:07:35 | 000,000,244 | -H-- | C] () -- \sqmnoopt01.sqm
[2009/08/13 03:10:39 | 000,000,268 | -H-- | C] () -- \sqmdata00.sqm
[2009/08/13 03:10:39 | 000,000,244 | -H-- | C] () -- \sqmnoopt00.sqm
[2009/08/03 17:33:49 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009/07/23 01:46:12 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2009/06/11 23:47:43 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009/05/15 14:25:09 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009/05/10 17:03:02 | 000,460,824 | ---- | C] () -- \img2-001.raw
[2009/05/07 18:41:33 | 000,001,057 | -H-- | C] () -- \IPH.PH
[2008/10/29 10:31:52 | 000,094,208 | ---- | C] () -- C:\Windows\System32\KMPICBC.dll
[2008/10/29 10:31:52 | 000,065,536 | ---- | C] () -- C:\Windows\System32\KMPICSN.dll
[2008/10/29 10:31:52 | 000,049,152 | ---- | C] () -- C:\Windows\System32\KMPICBD.dll
[2008/10/24 16:26:38 | 000,085,217 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/10/24 16:26:38 | 000,085,217 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/07/30 09:46:00 | 000,025,181 | ---- | C] () -- C:\Windows\System32\PROCDB.INI
[2008/07/30 09:46:00 | 000,000,380 | ---- | C] () -- C:\Windows\System32\IPSCtrl.INI
[2008/07/28 17:29:28 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/07/28 17:29:28 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/07/28 17:29:28 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/07/28 17:29:28 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/07/28 17:29:28 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/07/28 17:29:28 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/07/28 17:29:17 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2008/07/28 17:29:17 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2008/07/28 17:25:15 | 000,012,080 | ---- | C] () -- C:\Windows\System32\drivers\TPPWR32V.SYS
[2008/07/28 17:22:51 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/04/18 08:53:34 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/03/10 14:19:33 | 2425,909,248 | -HS- | C] () --
[2008/02/15 14:20:38 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK
[2008/02/15 14:20:37 | 000,333,203 | RHS- | C] () -- \bootmgr
[2008/01/20 22:25:00 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2008/01/20 22:24:36 | 000,528,608 | ---- | C] () -- C:\Windows\System32\mswdhnpo.dll
[2007/08/24 19:46:48 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2007/07/03 15:22:28 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007/04/10 17:46:48 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini
[2006/11/02 06:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:08 | 000,000,010 | ---- | C] () -- \config.sys
[2006/09/25 00:02:34 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/25 00:02:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008/01/20 22:22:36 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 22:22:36 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 22:22:36 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 22:22:36 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 22:22:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/20 22:22:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 22:22:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTOR.SYS >
[2007/09/29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007/09/29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
[2007/09/29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_41af7b1f\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008/01/20 22:22:57 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/20 22:22:57 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 22:22:57 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 22:23:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/20 22:23:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008/01/20 22:22:55 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008/01/20 22:22:55 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008/01/20 22:22:55 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 22:22:55 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 22:22:55 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 22:22:55 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008/01/20 22:24:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/20 22:24:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008/01/20 22:24:15 | 000,242,744 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008/01/20 22:24:11 | 000,225,792 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008/01/20 23:12:53 | 017,326,080 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 23:12:42 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 23:12:53 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\drivers\*.sys /90 >
[2010/06/28 16:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/06/28 16:32:56 | 000,050,256 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/06/28 16:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/06/28 16:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/06/28 16:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/06/18 10:43:36 | 000,302,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys
[2010/06/18 10:43:14 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2010/06/16 11:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpip.sys
========== Files - Unicode (All) ==========
[2008/01/20 22:24:24 | 000,122,368 | ---- | M] ()(C:\Windows\System32\us?rinit.exe) -- C:\Windows\System32\usеrinit.exe
[2008/01/20 22:24:24 | 000,122,368 | ---- | C] ()(C:\Windows\System32\us?rinit.exe) -- C:\Windows\System32\usеrinit.exe
< End of report >
Extras.txt
OTL Extras logfile created on: 8/31/2010 11:11:51 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Krug_Jona\Desktop
Windows Vista Enterprise Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 93.16 Gb Total Space | 11.53 Gb Free Space | 12.37% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 498.99 Mb Total Space | 498.43 Mb Free Space | 99.89% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: 002186984B81
Current User Name: Krug_Jona
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\xchat\xchat.exe" = C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client -- File not found
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05CFC5AA-5F96-44B6-A12E-39A8FB2417F8}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{0AD2C6D2-4BD1-44F5-8D44-B75EE5314EDF}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{131BFB3F-3CD0-4829-BABF-8CF37DFBF0B2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{146B78D6-6DD7-4177-BCCE-8151BCB9C6D3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{154C7056-64E8-4CF8-A3C2-34E511BFFE75}" = lport=5358 | protocol=6 | dir=in | app=system |
"{1B1F3F1C-758E-4492-9C6C-8AB7464B5F77}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{1F3709CA-FA3B-4D53-9208-C1534D0B0569}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{35E26673-9721-44B2-878F-DD45F8EA8D54}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38193301-B0E1-4320-9AD6-F17192F78E61}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3836B403-DB57-46EF-BA43-7DDB86FA615D}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{4AEF646A-6EAC-4DC9-B8D0-C85DEF968A16}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{4B9455D3-C75B-4419-906D-CFCC975767B1}" = rport=5357 | protocol=6 | dir=out | app=system |
"{4DCFCC28-27F7-4502-85A4-C4C7DB6E9433}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{59FFB2C5-E521-4C31-B05E-0B9BFA278282}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6095F363-553D-4A1B-90F6-F46033AFA674}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{6A11803F-EBC4-4674-9848-5E05AACAEDC6}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{6D2AB161-CB58-410C-BBC3-4417558D085E}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{7314AF84-3E35-4308-9773-24BA968A3B69}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{737D5362-9D32-47D9-86C6-C947174B13CD}" = rport=5358 | protocol=6 | dir=out | app=system |
"{8B8CB1B0-0EA6-4651-B9D5-95BD8D5E4522}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{97CE7EA1-2FDF-4A15-8DA6-E4D89F517387}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{AE4DC540-CDF9-4F22-AA9A-FBE382202269}" = lport=3389 | protocol=6 | dir=in | app=system |
"{BC2B5196-EEED-4E5A-A950-014382AE15DA}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{C103B31E-5E2A-42AD-9731-0A80A27B39D4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C177E9BA-A76F-4FEF-ADE1-57F6EFCB3BF9}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{C47841F9-83A7-4DD5-BF56-9E1306EC8C50}" = lport=5357 | protocol=6 | dir=in | app=system |
"{C8B28F57-E272-4D58-8FFA-4EC6BE59EDAF}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{D35B72AA-DFD1-4E98-8C0E-F3D5301A5971}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{EC972AF3-E6E6-40D9-BF8E-0C4C21DD4CCA}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{ECB661C9-96E6-4938-B91A-24F7160F6E4C}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{F296115C-5F56-4A4F-BFD2-C5B90141584E}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{F9EAA3FF-F6BC-48CA-916F-F49C29F8D817}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03928B6D-BA82-45D1-9AC3-C7D42BC2CFF6}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{07F83021-626F-430D-91D3-66A0AFBDEC3D}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{0A55D19B-208D-418B-8832-D9529AFAB672}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{0A8097E9-267F-4E14-B0FC-7DFFBC1D4E90}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{0A819280-EFB1-4ADF-A9DB-444AB68D30C2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{0ECDEA8A-1932-4AA4-9058-18AF40924DD1}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{0F00BE53-FE6E-40E1-94C6-B57D22207522}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\nexus the jupiter incident\runme.exe |
"{1E78B315-4BB3-4D18-9652-19698451B0C3}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{214E6B8A-57C6-4AEE-95D1-D38890ECAE29}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\world of goo\worldofgoo.exe |
"{2F264378-7AEE-4B01-BEC5-B54D03F723F9}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{303F6E3A-783C-4F2F-A424-226A5E6808CB}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{32B44E6C-036E-4147-8C9C-C78935E9C2AF}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{377294BE-7DBA-43FE-9DD4-8C11CD08A02C}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{498EB7DE-771D-463E-ABBE-33A3A53FDAA7}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\nexus the jupiter incident\runme.exe |
"{4A444937-F39D-4A10-8E10-8A001FC53191}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{4D1DEAC3-722A-404B-84F5-9212315E1CD4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{52C19E85-1AE7-4B9F-A3DA-104C2F64001B}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{59E38ADC-35CC-42FA-B9C4-0A27470C8153}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{60A1248D-BF55-43C2-9A31-63548D5A80DA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{65C887E2-783B-43FF-8DD1-00697B29AFE4}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{66381715-10CA-4166-8F0E-A42CA87F1B9B}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{6BEB9945-FF06-42A5-A1B1-5905BDB5A7CB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{718E3AD7-D033-4DF0-8BA5-2C67C85532AF}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{72FAD3D3-A0AE-4873-90DB-5C779B4A2813}" = protocol=6 | dir=in | app=c:\users\krug_jona\appdata\roaming\rvgjrxgucn.exe |
"{73FAC16F-6E83-4215-98E9-5FE73C224BE0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{77D721FA-577D-48F3-BB03-68AA12EF575D}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{7B9CBB7F-F331-4A87-806A-BED7D5988EB9}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{7CC75AB5-A9A3-4E6D-AD7C-97770A5C0115}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{81C1854B-7D47-4067-8722-ADD2FA415F91}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{832FF8B9-D196-4409-A02E-A74C6327C196}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{83E8CC0F-FA28-4106-A863-19383262F21E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{8683F26F-8DC3-4CCA-9895-F4BDE151ED8B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{878C98F3-2125-46E2-9C70-C9AD94610010}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8C474EBC-89FF-413A-9F50-508CDA57E6B2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{8F0673C9-CC80-45FC-8487-2E2159E1397E}" = protocol=17 | dir=in | app=c:\users\krug_jona\appdata\roaming\rvgjrxgucn.exe |
"{A48ACE85-7900-485C-9588-624AD19FAAED}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{A72BEBB5-586E-4268-BAC9-19D302C25566}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{A8146A3E-0FAF-4D50-82E0-33D7047BB5BA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{AEA3060E-B60D-44BF-9E1D-519806184A58}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{B039EAE9-4988-4A2E-BE9B-28C74D29A8FA}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{B227A894-2787-4DE7-B777-17C87AE7FD83}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{C25317D2-A62B-402E-B016-07F315E01FAC}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C540555E-FCEC-4AA6-8D83-6707A2C329DC}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{C56FB22B-1553-4A22-8B73-E614CEDCFAE4}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C951C2DD-691A-4FF9-B6C9-065007A7E20D}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{CBFB076A-D308-463A-ABB8-4EA464144A25}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{CD89DEB9-B844-40C2-9CD9-CE0585CCEB94}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{CE420B11-E0C7-4ACC-BF69-7244EBB91B66}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{D231C48A-FDC1-4AF1-88A9-E3E4D12C3A14}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D4F667E4-AB7C-4D7D-ACD2-A10E304A310D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{D597C008-10D1-47DB-B826-44536A944C4D}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{E1164BD0-1F98-41CD-8BCF-DF72369235ED}" = dir=in | app=c:\program files\pharossystems\core\ctskmstr.exe |
"{E1F61CA2-4AC4-4D34-BD6D-FADBE6923DF7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E7E32945-A65C-44BA-A549-179D43BFFD2C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EA4ABAD4-6C93-4D42-9C4F-DF884565C681}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\world of goo\worldofgoo.exe |
"{F0E01767-BEBE-4BF1-83BC-AA57E438DBA4}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{F9BED76E-C09A-40EC-B94E-4BAC672CBA7B}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{FCACD946-E4E5-4B13-A68D-D94969A621D4}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{FD5DA95C-8B78-4A5A-A091-7E2DDA190E47}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{FE11DD40-1AA3-4A47-BCA7-7A1176909273}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"TCP Query User{1759292B-EAFE-41C5-9886-F000A3286B02}C:\program files\aim6\aim6.exe" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"TCP Query User{28A164BB-91F2-4A00-83F1-070DAAB66FB3}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{2ACAFDC3-A9B9-4A8D-BA9D-47B263FBD671}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{37C4F849-BA73-4D6B-A6A8-DB517ED65DBF}C:\program files\icechat7\icechat7.exe" = protocol=6 | dir=in | app=c:\program files\icechat7\icechat7.exe |
"TCP Query User{39F78A67-04EF-4014-A436-26AD26686BAB}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
"TCP Query User{3F46FDFA-089A-4319-ABB3-51BADA7EE590}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"TCP Query User{40DA43E4-1914-40CD-84E1-BDB5749469D4}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{4E06D0F6-19B1-4A48-AE80-01CF2AF8048F}C:\program files\microsoft office communicator\communicator.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office communicator\communicator.exe |
"TCP Query User{5FA2EA80-7E2E-4778-BC89-BCF449B48E42}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{60D9C096-D3D8-41C9-B40A-0B64F44D4BE5}C:\users\krug_jona\appdata\roaming\rvgjrxgucn.exe" = protocol=6 | dir=in | app=c:\users\krug_jona\appdata\roaming\rvgjrxgucn.exe |
"TCP Query User{61D8291A-F6FE-44C5-BD42-531A5E60D43C}C:\program files\icechat7\icechat7.exe" = protocol=6 | dir=in | app=c:\program files\icechat7\icechat7.exe |
"TCP Query User{65492C04-AC72-4D8F-AF26-E86178EE762D}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
"TCP Query User{6F1F1A2B-4087-4BCA-8C06-6D7BB9F069FB}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"TCP Query User{7623BD99-5B34-4000-83B0-EDE8E83DEE24}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{782374E0-5DB5-4F0A-A806-55FA39D584E1}C:\program files\xchat\xchat.exe" = protocol=6 | dir=in | app=c:\program files\xchat\xchat.exe |
"TCP Query User{7B19170D-5E0B-4B7B-9E6A-E0CB17C0B5F0}C:\program files\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"TCP Query User{89B31C58-4596-4B83-9A08-4B22AF41C833}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{92A418B3-4606-4BD7-BF86-697D44FC273C}C:\program files\steam\steamapps\carpathia1\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\carpathia1\team fortress 2\hl2.exe |
"TCP Query User{D2D8AABB-4BB4-41A7-83D3-5E40FE1BA6EA}C:\program files\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |
"UDP Query User{07ADBFEA-3FBF-43EB-B991-C495807AF24D}C:\users\krug_jona\appdata\roaming\rvgjrxgucn.exe" = protocol=17 | dir=in | app=c:\users\krug_jona\appdata\roaming\rvgjrxgucn.exe |
"UDP Query User{160D5F94-56B6-4EC6-A688-0561057916CF}C:\program files\xchat\xchat.exe" = protocol=17 | dir=in | app=c:\program files\xchat\xchat.exe |
"UDP Query User{175BECFE-4D61-45C2-8DB7-82D54B1FA699}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"UDP Query User{273BC7DE-FC26-4B6A-B8AD-8EBCFBBF0E5D}C:\program files\steam\steamapps\carpathia1\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\carpathia1\team fortress 2\hl2.exe |
"UDP Query User{27C113CE-44C8-4895-B4EF-A568C288697F}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{32471817-1699-4287-9161-50F86286A810}C:\program files\microsoft office communicator\communicator.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office communicator\communicator.exe |
"UDP Query User{3E6C3109-E81A-40E5-AF09-37BD0D759895}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"UDP Query User{42CFD2FB-1C14-41BE-B893-99F4193E0E1C}C:\program files\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"UDP Query User{4D935D1D-D091-439B-8C89-79CA06E3F660}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{82728220-0684-4EE7-ADBF-0D8879A9657F}C:\program files\aim6\aim6.exe" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"UDP Query User{A7B01498-9850-4544-9A94-5AAD954DD966}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{A999A891-D74D-432E-83A3-31C74832CDA3}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{B248EE2F-4729-4279-9080-C318AFF6BD62}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
"UDP Query User{B7ACCBE1-3462-4479-8C51-10E0A4EB431B}C:\program files\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |
"UDP Query User{B840A041-7A8E-460D-AF9F-E3AFD419FBAF}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{C9D2E7EB-3A9A-4FF6-82A9-729929B859A7}C:\program files\icechat7\icechat7.exe" = protocol=17 | dir=in | app=c:\program files\icechat7\icechat7.exe |
"UDP Query User{EEBC08DF-D751-401C-9073-7F9570C2423C}C:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe |
"UDP Query User{F3820D82-3E0A-4462-BD2D-C50AE8FCE8ED}C:\program files\icechat7\icechat7.exe" = protocol=17 | dir=in | app=c:\program files\icechat7\icechat7.exe |
"UDP Query User{F5B7131F-4881-49EE-B9F7-0AA469D097DB}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{1238738A-F911-46AD-B4D1-8A470039F6CE}" = LexisNexis CaseMap 8
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD}" = Opera 10.53
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2111B23F-7FDA-4A41-8309-E5A1663CA296}" = ThinkPad Keyboard Customizer Utility
"{23D683DD-93C6-48E6-B84E-78B57778F126}" = Oblivion - Construction Set
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 18
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB5764A-3894-49A2-BAA8-C4665F74CD4C}" = Registry patch to improve USB device detection on resume from sleep for Windows Vista
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}" = Oblivion - Vile Lair
"{530AFAFF-6F0A-48BB-88D0-04F9658322D3}" = Adobe Premiere Elements 3.0.2
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5AE5DB70-5CE6-4876-A83E-8246CC36FC28}" = Microsoft Office PowerPoint 2007 Get Started Tab
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63AFACBC-4795-4A1B-8037-5085DC03FC54}" = Microsoft LifeCam
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{68B52EFD-86CC-486E-A8D0-A3A1554CB5BC}" = Microsoft Office Word 2007 Get Started Tab
"{69187EC5-F5CF-4B2C-B920-5A17F44D9685}" = Pantech PCSuite
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A}" = Microsoft Outlook Web Access S/MIME
"{6EACDDF4-4220-49A3-9204-984C86852C3D}" = Adobe Premiere Elements 3.0.2 Templates
"{717F5741-5C2E-4469-BDA0-B5EC2243646F}_is1" = TPFanControl v0.62
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7DCFE14B-8F0E-47BF-863A-84757F038D7C}" = FaceGen Modeller 3.3 Free
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{88038160-9BCB-47BE-A5C3-5CE2DC115509}" = Star Wars Galaxies
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{A0A20753-92DF-4631-82B4-9CACE2FCED6A}" = Oblivion - The Fighter's Stronghold
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AB706D91-2242-4E1D-B4D0-1ED35387F5A7}" = Microsoft Office Excel 2007 Get Started Tab
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEC761C3-5333-4A5B-A040-255ACD15E51F}" = Pantech PCSuite
"{AF9A093E-4322-4D6D-809F-BB7DCA007067}" = FileZilla
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Windows Live Sign-in Assistant
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B9676D15-E0EC-42c2-8C16-F3D9648C44AF}" = PANTECH Handset USB Driver
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BAA11826-70EF-4E44-9E97-8476793E022F}" = Launchpad Enhanced
"{BE5AD430-9E0C-4243-AB3F-593835869855}" = Microsoft Office Communicator 2005
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CB867DC1-54D1-4ABF-A0DE-1BC9B94E6C57}" = WS_FTP 5.08
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE338B36-46D0-4A71-A234-E5005600D7D0}" = LexisNexis CaseMap 8
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D728E945-256D-4477-B377-6BBA693714AC}" = Productivity Center Supplement for ThinkPad
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Power Manager
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F00A3A54-C293-8F64-7C6D-9A4C09106FD8}" = Antivirus 2010
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM Toolbar" = AIM Toolbar
"AIM_7" = AIM 7
"Any Flv Player_is1" = Any Flv Player 2.5.1
"AnyDVD" = AnyDVD
"Audacity_is1" = Audacity 1.2.6
"avast5" = avast! Free Antivirus
"AwayTask" = Maintenance Manager
"BSPlayerf" = BS.Player FREE
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem
"CobBackup9" = Cobian Backup 9
"comtypes-py2.5" = Python 2.5 comtypes-0.5.2
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dipmon" = Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista
"DivX Free Codec" = DivX Free Codec
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Evil Genius_is1" = Evil Genius V1.01
"FlashGet 3.3" = FlashGet 3.3
"FLV Player" = FLV Player 2.0 (build 25)
"IceChat_is1" = IceChat 7.63 (Build 20080417)
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"Keeper" = Dungeon Keeper Gold
"LENOVO.SMIIF" = Lenovo System Interface Driver
"leogeo_timebeat_is1" = leogeo_timebeat
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Forefront UAG endpoint components 3.1.0" = Microsoft Forefront UAG endpoint components v4.0.0
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NVIDIA Drivers" = NVIDIA Drivers
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.12
"OnScreenDisplay" = On Screen Display
"Orbit_is1" = Orbit Downloader
"PeerGuardian_is1" = PeerGuardian 2.0
"Pharos" = Pharos
"PIL-py2.5" = Python 2.5 PIL-1.1.6
"Power Management Driver" = ThinkPad Power Management Driver
"PremElem30" = Adobe Premiere Elements 3.0.2
"PROSet" = Intel® PRO Network Connections Drivers
"psyco-py2.5" = Python 2.5 psyco-1.6
"pywin32-py2.5" = Python 2.5 pywin32-212
"RealPlayer 6.0" = RealPlayer
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 17500" = Zombie Panic Source
"Steam App 215" = Source SDK Base 2006
"Steam App 22000" = World of Goo
"Steam App 440" = Team Fortress 2
"Steam App 630" = Alien Swarm
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"TreeSize Free_is1" = TreeSize Free V2.3.3
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"Unofficial Oblivion Patch_is1" = Unofficial Oblivion Patch v3.2.0
"Unofficial Official Mods Patch_is1" = Unofficial Official Mods Patch v15
"Unofficial Shivering Isles Patch_is1" = Unofficial Shivering Isles Patch v1.4.0
"USBPMon" = Registry patch for Windows Vista USB S3 PM Enablement
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinRAR archiver" = WinRAR archiver
"wxPython2.8-ansi-py25_is1" = wxPython 2.8.7.1 (ansi) for Python 2.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Third Age - Total War 1.0 Part1" = Third Age - Total War 1.0 Part1
"Third Age - Total War 1.0 Part2" = Third Age - Total War 1.0 Part2
"Third Age - Total War Hotfix1" = Third Age - Total War Hotfix1
"Third Age - Total War Patch 1.1" = Third Age - Total War Patch 1.1
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 3/24/2010 9:26:58 AM | Computer Name = 002186984B81 | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 3/19/2010 2:07:49 PM | Computer Name = 002186984B81 | Source = Windows Search Service | ID = 3013
Description =
Error - 3/19/2010 2:07:49 PM | Computer Name = 002186984B81 | Source = Windows Search Service | ID = 3013
Description =
Error - 3/19/2010 2:07:50 PM | Computer Name = 002186984B81 | Source = Windows Search Service | ID = 3013
Description =
Error - 3/19/2010 2:07:50 PM | Computer Name = 002186984B81 | Source = Windows Search Service | ID = 3013
Description =
Error - 3/19/2010 2:07:50 PM | Computer Name = 002186984B81 | Source = Windows Search Service | ID = 3013
Description =
Error - 3/19/2010 2:07:50 PM | Computer Name = 002186984B81 | Source = Windows Search Service | ID = 3013
Description =
Error - 3/19/2010 2:07:50 PM | Computer Name = 002186984B81 | Source = Windows Search Service | ID = 3013
Description =
Error - 3/19/2010 2:07:50 PM | Computer Name = 002186984B81 | Source = Windows Search Service | ID = 3013
Description =
Error - 3/19/2010 2:07:50 PM | Computer Name = 002186984B81 | Source = Windows Search Service | ID = 3013
Description =
Error - 3/19/2010 2:07:50 PM | Computer Name = 002186984B81 | Source = Windows Search Service | ID = 3013
Description =
[ OSession Events ]
Error - 1/14/2010 11:00:58 AM | Computer Name = 002186984B81 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 466
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2/3/2010 10:40:17 PM | Computer Name = 002186984B81 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 23116
seconds with 360 seconds of active time. This session ended with a crash.
Error - 2/4/2010 8:50:59 PM | Computer Name = 002186984B81 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 20088
seconds with 1680 seconds of active time. This session ended with a crash.
Error - 2/14/2010 9:10:30 PM | Computer Name = 002186984B81 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 198221
seconds with 1980 seconds of active time. This session ended with a crash.
Error - 2/25/2010 5:02:26 PM | Computer Name = 002186984B81 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 25964
seconds with 480 seconds of active time. This session ended with a crash.
Error - 4/5/2010 12:16:34 AM | Computer Name = 002186984B81 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 217899
seconds with 1260 seconds of active time. This session ended with a crash.
Error - 5/8/2010 8:52:37 AM | Computer Name = 002186984B81 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 161201
seconds with 360 seconds of active time. This session ended with a crash.
Error - 6/10/2010 3:21:48 AM | Computer Name = 002186984B81 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6324.5001, Microsoft Office Version: 12.0.6215.1000. This session lasted 33883
seconds with 120 seconds of active time. This session ended with a crash.
Error - 7/8/2010 9:42:25 PM | Computer Name = 002186984B81 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 27837
seconds with 540 seconds of active time. This session ended with a crash.
Error - 8/21/2010 12:01:42 PM | Computer Name = 002186984B81 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 82166
seconds with 3600 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 8/26/2010 5:57:36 PM | Computer Name = 002186984B81 | Source = HTTP | ID = 15016
Description =
Error - 8/26/2010 5:57:36 PM | Computer Name = 002186984B81 | Source = Microsoft-Windows-TaskScheduler | ID = 412
Description =
Error - 8/26/2010 5:58:56 PM | Computer Name = 002186984B81 | Source = Service Control Manager | ID = 7000
Description =
Error - 8/26/2010 6:02:46 PM | Computer Name = 002186984B81 | Source = Service Control Manager | ID = 7022
Description =
Error - 8/27/2010 2:58:56 AM | Computer Name = 002186984B81 | Source = Microsoft-Windows-TaskScheduler | ID = 412
Description =
Error - 8/27/2010 2:58:56 AM | Computer Name = 002186984B81 | Source = HTTP | ID = 15016
Description =
Error - 8/27/2010 2:59:13 AM | Computer Name = 002186984B81 | Source = Service Control Manager | ID = 7000
Description =
Error - 8/28/2010 6:17:47 PM | Computer Name = 002186984B81 | Source = HTTP | ID = 15016
Description =
Error - 8/28/2010 6:17:47 PM | Computer Name = 002186984B81 | Source = Microsoft-Windows-TaskScheduler | ID = 412
Description =
Error - 8/28/2010 6:19:11 PM | Computer Name = 002186984B81 | Source = Service Control Manager | ID = 7000
Description =
< End of report >
This topic is locked
Attach.txt 13.69KB
3 downloads
Back to top
