Hi guys, re-posting this from another board (http://en.community.dell.com/support-forums/virus-spyware/f/3522/p/19343360/19739439.aspx#19739439) at the recommendation of a few of the regulars. Let me know if you need any additional info. I'm not experiencing any symptoms that I'd consider unusual other than the CPU pegging sometimes, but they thought you might be able to point me in the right direction. --- Hey all, This is my first post, so bear with me if I make some newbie mistakes. I usually solve my own problems, but this one's got me stumped, and honestly, don't we all just want to get back to work? :) So maybe you can help me out... I see lots of people submitting HijackThis reports when they have similar problems, so I'm attaching one. A bit of background info on this problem... This started when I upgraded to Windows 7 Ultimate 64-bit. Prior to this, I had Windows Vista Ultimate 64-bit, which was clean-installed. I used the upgrade procedure from Windows 7 to upgrade, and it went pretty well. This problem did not begin occurring immediately; it's rather recent. I would say that it started approximately 30-60 days ago, so it may have been either from a Windows update or a program I installed within that time. One in particular that I can think of is CrashPlan, so if anyone knows if that causes such a problem, let me know. I also run a virtual machine on this laptop...strangely, the virtual machine keeps running without a problem even when I can't open other programs, or open them properly. However, closing it down doesn't resolve the issue. There are several things that may happen when my computer gets into this state: Programs do not open. For example, if I try to open Process Explorer (with which I replaced my Task Manager), it simply does not open. The computer does not freeze, but the program does not open. Sometimes a Web browser will open and then immediately freeze. Today I had the QuickTime installer freeze about 75% through the installation. When I clicked Stop, it didn't stop, and I couldn't force-close it due to not being able to open Process Explorer... Other times, a Web Browser will open and be unable to load pages. NOTE: I do not receive a page not found error. The progress indicator simply cycles forever, and the page does not load. I can observe this in Internet Explorer 8, Google Chrome (latest), and I think Firefox 3.6 (latest or second-latest). Firefox was freezing the latest time, though. As mentioned in the title, a reboot fixes this every time. I haven't measured specifically, but it tends to take 2-3 days before I need to reboot again. Oh, sometimes I have to reboot because the CPU starts pegging at 100% with no way to stop it. I think that these two issues are related. What this seems to indicate to me is that these programs are waiting for a response from some system process, which isn't giving it. One time, when nosing around in Process Explorer, I noticed the WMI Provider Service consuming a lot of CPU and that it was waiting for...something. I didn't have time to debug it with kernel dumps and stuff, and don't really have much experience with it...but I just mention it since maybe it's a similar thing here. So I'm wondering...what should I do to debug/troubleshoot this issue effectively? I don't really want to do a system restore, and I don't want to clean-install the OS. This upgrade to Windows 7 actually started out really nicely...and if I could solve this issue, it'd be fine. I've bought more RAM to max it out, but somehow I don't think that alone will do the trick. Any ideas? See any red flags in my HijackThis report? Let me know! Or let me know where I could post this to the right audience if this is not it. Thanks for any ideas you may have. Kevin

Hi kkaland, Sorry for the delay in replying, I did not get an email notification. Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2MBAM may 'make changes to your registry' as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes. Make sure you are connected to the Internet. Double-click on mbam-setup.exe to install the application. When the installation begins, follow the prompts and do not make any changes to default settings. When installation has finished, make sure you leave both of these checked: Update Malwarebytes' Anti-Malware Launch Malwarebytes' Anti-Malware Then click Finish. MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install. On the Scanner tab: Make sure the 'Perform Quick Scan' option is selected. Then click on the Scan button. If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and 'Scan in progress' will show at the top. It may take some time to complete so please be patient. When the scan is finished, a message box will say 'The scan completed successfully. Click 'Show Results' to display all objects found'. Click OK to close the message box and continue with the removal process. Back at the main Scanner screen: Click on the Show Results button to see a list of any malware that was found. Make sure that everything is checked, and click Remove Selected. When removal is completed, a log report will open in Notepad. The log is automatically saved and can be viewed by clicking the Logs tab in MBAM. Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system. Exit MBAM when done. Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. Then please download OTL to your desktop. Double click the icon to start the tool. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator). Put a check in the box next to Lop Check and Purity Check Click Run Scan and let the program run uninterrupted. When the scan is complete, two text files will be created on your Desktop. OTL.Txt <- this one will be opened Extras.txt <- this one will be minimized . Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTL.Txt and the Extras.txtin your next reply. Please post the MBAM log and BOTH OTL logs, These will be long logs, so please use multipul post if need be. Thanks K27.

Hi, Please do not reinstall Avast, it is never a good idea to have two Anti-Virus programs running as they will conflict with each other and leave you with an unstable and insecure system. Please go to THIS site for and follow the instructions for downloading and running the Avast Removal Tool. Then please follow these instructions for re-running MBAM Double click your Malwarebytes desktop icon Click the UPDATE tab at the top Scan for and install any updates it finds Then choose the SCANNER tab and run a FULL SCAN Once finished if MBAM found anything please click Show Results Make sure EVERYTHING has a check in the box next to it and then click Remove Selected Post the MBAM log results back to this thread NOTE: If MBAM encounters a file that is hard to remove it will prompt for a delete on reboot, answer yes to this and once rebooted please run another scan and post that scan's log results along with the log results from before reboot which can be found under the LOGS tab of Malwarebytes. Then please re-run and post a fresh OTL log, there will be no Extras log created, this is only created on the first run of the tool. Please post back the MBAM log, the OTL log, and a status report on how the system is running <--Important, please answer this Thanks

Start a Conversation

kkaland

1 Rookie

•

47 Posts

8401

August 23rd, 2010 22:00

Windows 7 - Programs Stop Opening (Intermittent - reboot fixes for a few days)

Hi guys, re-posting this from another board (http://en.community.dell.com/support-forums/virus-spyware/f/3522/p/19343360/19739439.aspx#19739439) at the recommendation of a few of the regulars. Let me know if you need any additional info. I'm not experiencing any symptoms that I'd consider unusual other than the CPU pegging sometimes, but they thought you might be able to point me in the right direction.

---

Hey all,

This is my first post, so bear with me if I make some newbie mistakes. I usually solve my own problems, but this one's got me stumped, and honestly, don't we all just want to get back to work? :) So maybe you can help me out...

I see lots of people submitting HijackThis reports when they have similar problems, so I'm attaching one.

A bit of background info on this problem...

This started when I upgraded to Windows 7 Ultimate 64-bit. Prior to this, I had Windows Vista Ultimate 64-bit, which was clean-installed. I used the upgrade procedure from Windows 7 to upgrade, and it went pretty well. This problem did not begin occurring immediately; it's rather recent. I would say that it started approximately 30-60 days ago, so it may have been either from a Windows update or a program I installed within that time. One in particular that I can think of is CrashPlan, so if anyone knows if that causes such a problem, let me know. I also run a virtual machine on this laptop...strangely, the virtual machine keeps running without a problem even when I can't open other programs, or open them properly. However, closing it down doesn't resolve the issue.

There are several things that may happen when my computer gets into this state:

Programs do not open. For example, if I try to open Process Explorer (with which I replaced my Task Manager), it simply does not open. The computer does not freeze, but the program does not open.
Sometimes a Web browser will open and then immediately freeze.
Today I had the QuickTime installer freeze about 75% through the installation. When I clicked Stop, it didn't stop, and I couldn't force-close it due to not being able to open Process Explorer...
Other times, a Web Browser will open and be unable to load pages. NOTE: I do not receive a page not found error. The progress indicator simply cycles forever, and the page does not load. I can observe this in Internet Explorer 8, Google Chrome (latest), and I think Firefox 3.6 (latest or second-latest). Firefox was freezing the latest time, though.

As mentioned in the title, a reboot fixes this every time. I haven't measured specifically, but it tends to take 2-3 days before I need to reboot again. Oh, sometimes I have to reboot because the CPU starts pegging at 100% with no way to stop it. I think that these two issues are related.

What this seems to indicate to me is that these programs are waiting for a response from some system process, which isn't giving it. One time, when nosing around in Process Explorer, I noticed the WMI Provider Service consuming a lot of CPU and that it was waiting for...something. I didn't have time to debug it with kernel dumps and stuff, and don't really have much experience with it...but I just mention it since maybe it's a similar thing here.

So I'm wondering...what should I do to debug/troubleshoot this issue effectively? I don't really want to do a system restore, and I don't want to clean-install the OS. This upgrade to Windows 7 actually started out really nicely...and if I could solve this issue, it'd be fine. I've bought more RAM to max it out, but somehow I don't think that alone will do the trick.

Any ideas? See any red flags in my HijackThis report? Let me know! Or let me know where I could post this to the right audience if this is not it.

Thanks for any ideas you may have.

Kevin

Responses(31)
Solutions(0)

kevin27_b3d29f

2 Intern

•

1.5K Posts

September 6th, 2010 12:00

HI kkaland,

Welcome to Dell Community Malware Removal Forums,

Sorry for the delay in getting to you, I'm K27 and i will be reviewing your log for you.

Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.

Please Print or Save to Notepad all instructions and please follow them carefully and if there's something you don't understand or that will not work please let me know and we will go through it together.

Please DO NOT use this system for anything apart from visiting this forum and other sites I direct you too, as this will only make the cleanup process all the more diffecult.

Failure to reply in three (3) days will result in this topic being closed and I will remove it from my notifications, If you require more time then that is fine but please let me know.

Please COPY/PASTE a fresh HJT log back to this thread if you still require assistance,

Thanks.

kkaland

1 Rookie

•

47 Posts

September 7th, 2010 12:00

Thanks a lot, K27! I was worried I'd be left in the dust :) I was almost going to give up and call Dell Tech Support, and probably be told to reformat...

Note that my system's in French at the moment. If you need me to change it back to English, let me know. I just say this since I see in the log that some of the service names are in French, but maybe you'll just recognize the process names.

HJT LOG IS PASTED BELOW

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:31:43 AM, on 9/7/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files (x86)\ThreatFire\TFService.exe
C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\FeedDemon\FeedDemon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\invoiceSync\bin\timerSync.exe
C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
C:\Users\Kevin\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files (x86)\Bug Shooting\BugShooting.exe
C:\Program Files\CrashPlan\CrashPlanTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Users\Kevin\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
C:\Program Files (x86)\FindAndRunRobot\FindAndRunRobot.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\TimeLeft3\TimeLeft.exe
C:\Program Files (x86)\ThreatFire\TFTray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\oDesk\oDeskTeam.exe
C:\Program Files (x86)\oDesk\oDeskHelper.exe
C:\Program Files (x86)\PuTTY\pageant.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Evernote\Evernote3.5\Evernote.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Kevin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = actsvr.comcastonline.com:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = actsvr.comcastonline.com;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 66.29.142.32 easttennrealestate_new.com
O1 - Hosts: 66.29.142.32 www.easttennrealestate_new.com
O1 - Hosts: 64.49.194.98 ers.staging.swhp.org
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [T-Mobile Connection Manager] "C:\Program Files (x86)\T-Mobile\Connection Manager\TMobileCM.exe" -a
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Evernote] "C:\Program Files (x86)\Evernote\Evernote3.5\evernote.exe" /minimized
O4 - HKCU\..\Run: [FeedDemon] "C:\Program Files (x86)\FeedDemon\FeedDemon.exe" /startminimized
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kevin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Syncplicity] C:\Program Files\Syncplicity\Syncplicity.exe
O4 - HKCU\..\Run: [invoiceSyncTimer] C:\Program Files (x86)\invoiceSync\bin\timerSync.exe
O4 - HKCU\..\Run: [OpenDNS Updater] "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: AutorunsDisabled
O4 - Startup: CNET TechTracker.lnk = C:\Users\Kevin\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
O4 - Startup: Find And Run Robot.lnk = C:\Program Files (x86)\FindAndRunRobot\FindAndRunRobot.exe
O4 - Startup: KaVoom! KM.lnk = C:\Program Files\KaVoom! KM\x64\KaVoomKM.exe
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Startup: TimeLeft.lnk = C:\Program Files (x86)\TimeLeft3\TimeLeft.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Bug Shooting.lnk = C:\Program Files (x86)\Bug Shooting\BugShooting.exe
O4 - Global Startup: CrashPlan Tray.lnk = C:\Program Files\CrashPlan\CrashPlanTray.exe
O4 - Global Startup: Dell ControlPoint System Manager.lnk = C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
O4 - Global Startup: LogMeIn Hamachi.lnk = C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to &Evernote - res://C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll/2000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sdcCommon/download/DSL/Verizon%20High%20Speed%20Internet%20Installer.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ambient Light Sensor (alssvc64) - Dell Inc. - C:\Program Files (x86)\Dell\Ambient Light Sensor\AlsSvc.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Dell ControlPoint Button Service (buttonsvc64) - Dell Inc. - C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
O23 - Service: T-Mobile Con App Svc (CATmobile) - SmithMicro Inc. - C:\Program Files (x86)\T-Mobile\Connection Manager\conappssvc.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: CrashPlan Backup Service (CrashPlanService) - Unknown owner - C:\Program Files\CrashPlan\CrashPlanService.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Dell ControlPoint System Manager (dcpsysmgrsvc) - Dell Inc. - C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: DirMngr - Unknown owner - C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
O23 - Service: dlbt_device - Unknown owner - C:\Windows\system32\dlbtcoms.exe (file missing)
O23 - Service: dlcc_device - Unknown owner - C:\Windows\system32\dlcccoms.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Telenor\Mobilt bredbånd\GtDetectSc.exe
O23 - Service: Google Update Service (gupdate1ca0e568caef30) (gupdate1ca0e568caef30) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KaVoom! KM - KaVoom Software Inc. - C:\Program Files\KaVoom! KM\x64\KaVoomKM.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: MailEnable List Connector (MELCS) - Unknown owner - C:\Program Files (x86)\Mail Enable\Bin64\MELSC.EXE
O23 - Service: MailEnable Mail Transfer Agent (MEMTAS) - Unknown owner - C:\Program Files (x86)\Mail Enable\Bin64\MEMTA.EXE
O23 - Service: MailEnable Postoffice Connector (MEPOCS) - Unknown owner - C:\Program Files (x86)\Mail Enable\Bin64\MEPOC.EXE
O23 - Service: MailEnable POP Service (MEPOPS) - Unknown owner - C:\Program Files (x86)\Mail Enable\Bin64\MEPOPS.EXE
O23 - Service: MailEnable SMTP Connector (MESMTPCS) - Unknown owner - C:\Program Files (x86)\Mail Enable\Bin64\MESMTPC.EXE
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pare-feu Windows (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Smith Micro Connection Manager Service (SMManager) - Smith Micro Software, Inc. - C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\STacSV64.exe
O23 - Service: Acquisition d’image Windows (WIA) (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NTRU TSS v1.2.1.29 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files (x86)\ThreatFire\TFService.exe
O23 - Service: T-Mobile RcApp Svc (TMobileRcAppSvc) - SmithMicro Inc. - C:\Program Files (x86)\T-Mobile\Connection Manager\RcAppSvc.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: wampapache - Apache Software Foundation - c:\p\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\p\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: Windows Defender (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--
End of file - 36318 bytes

kevin27_b3d29f

2 Intern

•

1.5K Posts

September 9th, 2010 08:00

Hi kkaland,

Sorry for the delay in replying, I did not get an email notification.

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

Make sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

Click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Exit MBAM when done.

Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Then please download OTL to your desktop.

Double click the icon to start the tool. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

Put a check in the box next to Lop Check and Purity Check
Click Run Scan and let the program run uninterrupted.
When the scan is complete, two text files will be created on your Desktop.
OTL.Txt <- this one will be opened
Extras.txt <- this one will be minimized

Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTL.Txt and the Extras.txtin your next reply.

Please post the MBAM log and BOTH OTL logs, These will be long logs, so please use multipul post if need be.

Thanks
K27.

kkaland

1 Rookie

•

47 Posts

September 11th, 2010 01:00

MBAM

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Version de la base de données: 4593

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

9/11/2010 12:02:33 AM

mbam-log-2010-09-11 (00-02-33).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 164572

Temps écoulé: 11 minute(s), 37 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 1

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

C:\Windows\Temp\TMP0000035CC0D0149D04373B7D (Trojan.Dropper) -> Quarantined and deleted successfully.

OTL

OTL logfile created on: 9/11/2010 12:14:55 AM - Run 1

OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Kevin\Downloads

64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 62.00% Memory free

16.00 Gb Paging File | 13.00 Gb Available in Paging File | 78.00% Paging File free

Paging file location(s): c:\pagefile.sys 8180 8180 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 230.70 Gb Total Space | 14.32 Gb Free Space | 6.21% Space Free | Partition Type: NTFS

Drive D: | 2.00 Gb Total Space | 1.11 Gb Free Space | 55.36% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: MAGIC

Current User Name: Kevin

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Include 64bit Scans

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/11 00:14:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Downloads\OTL.exe

PRC - [2010/09/03 12:08:10 | 002,618,368 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe

PRC - [2010/09/02 17:58:56 | 000,975,928 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

PRC - [2010/09/02 14:09:52 | 004,120,000 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote3.5\Evernote.exe

PRC - [2010/08/18 20:36:18 | 004,615,680 | ---- | M] (DonationCoder.com) -- C:\Program Files (x86)\FindAndRunRobot\FindAndRunRobot.exe

PRC - [2010/06/19 19:04:31 | 000,038,840 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

PRC - [2010/06/19 12:36:46 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

PRC - [2010/06/16 14:42:58 | 000,839,680 | ---- | M] () -- C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe

PRC - [2010/06/15 19:53:48 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.2.183.29\GoogleCrashHandler.exe

PRC - [2010/06/14 18:53:19 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\Kevin\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe

PRC - [2010/06/11 16:21:16 | 000,083,440 | ---- | M] (Google) -- C:\Users\Kevin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/05/14 12:59:44 | 000,455,944 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe

PRC - [2010/05/03 02:31:34 | 003,840,000 | ---- | M] (Burcesoft) -- C:\Program Files (x86)\invoiceSync\bin\timerSync.exe

PRC - [2010/03/26 00:54:16 | 000,080,384 | ---- | M] () -- C:\Program Files (x86)\Bazaar\tbzrcache.exe

PRC - [2010/03/09 15:33:40 | 002,032,368 | ---- | M] (NesterSoft Inc.) -- C:\Program Files (x86)\TimeLeft3\TimeLeft.exe

PRC - [2010/03/05 10:13:13 | 000,217,088 | ---- | M] (Code 42 Software, Inc.) -- C:\Program Files\CrashPlan\CrashPlanTray.exe

PRC - [2010/01/20 11:36:00 | 002,977,792 | ---- | M] (Alexej Hirsch) -- C:\Program Files (x86)\Bug Shooting\BugShooting.exe

PRC - [2010/01/14 16:08:16 | 000,378,128 | ---- | M] (PC Tools) -- C:\Program Files (x86)\ThreatFire\TFTray.exe

PRC - [2010/01/14 16:08:12 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files (x86)\ThreatFire\TFService.exe

PRC - [2010/01/12 07:57:44 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe

PRC - [2009/11/15 07:37:02 | 007,022,592 | ---- | M] (NewsGator Technologies, Inc.) -- C:\Program Files (x86)\FeedDemon\FeedDemon.exe

PRC - [2009/08/09 02:49:26 | 003,986,552 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe

PRC - [2009/07/26 18:02:13 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2009/07/22 19:24:52 | 001,796,096 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe

PRC - [2009/07/22 19:24:28 | 000,076,288 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe

PRC - [2009/02/11 17:38:40 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

PRC - [2009/02/11 17:38:38 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2008/11/12 14:25:48 | 001,273,856 | ---- | M] () -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe

PRC - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe

PRC - [2006/09/11 04:40:32 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe

========== Modules (SafeList) ==========

MOD - [2010/09/11 00:14:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Downloads\OTL.exe

MOD - [2010/06/01 19:00:52 | 000,278,288 | ---- | M] (COMODO) -- C:\Windows\SysWOW64\guard32.dll

MOD - [2010/01/14 16:08:22 | 000,460,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\ThreatFire\TFWAH.dll

MOD - [2009/07/13 18:15:21 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fltLib.dll

MOD - [2009/07/13 18:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx

MOD - [2009/07/13 18:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)

SRV:64bit: - [2010/06/10 19:11:40 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)

SRV:64bit: - [2010/06/01 19:00:54 | 002,348,600 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)

SRV:64bit: - [2010/03/05 10:16:32 | 000,222,720 | ---- | M] (CrashPlan) [Auto | Running] -- C:\Program Files\CrashPlan\CrashPlanService.exe -- (CrashPlanService)

SRV:64bit: - [2009/11/24 16:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)

SRV:64bit: - [2009/11/24 16:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)

SRV:64bit: - [2009/10/27 00:03:03 | 003,094,672 | ---- | M] (KaVoom Software Inc.) [Auto | Running] -- C:\Program Files\KaVoom! KM\x64\KaVoomKM.exe -- (KaVoom! KM)

SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV:64bit: - [2009/07/30 10:35:54 | 001,048,576 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)

SRV:64bit: - [2009/07/30 10:16:40 | 000,402,432 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)

SRV:64bit: - [2009/07/22 19:24:28 | 000,076,288 | ---- | M] (Smith Micro Software, Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe -- (SMManager)

SRV:64bit: - [2009/07/16 13:26:04 | 000,510,752 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)

SRV:64bit: - [2009/07/13 18:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)

SRV:64bit: - [2009/07/13 18:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)

SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/13 18:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)

SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV:64bit: - [2009/06/29 10:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\stacsv64.exe -- (STacSV)

SRV:64bit: - [2009/06/11 20:07:18 | 002,515,968 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)

SRV:64bit: - [2009/06/03 13:10:20 | 001,555,456 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)

SRV:64bit: - [2009/04/27 14:43:56 | 000,420,432 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc64)

SRV:64bit: - [2009/03/02 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\AESTSr64.exe -- (AESTFilters)

SRV:64bit: - [2009/01/22 10:17:10 | 001,037,160 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)

SRV:64bit: - [2009/01/22 10:17:10 | 000,029,544 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)

SRV:64bit: - [2008/10/16 18:05:00 | 001,449,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

SRV:64bit: - [2008/10/16 17:27:20 | 000,826,368 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

SRV:64bit: - [2007/12/18 01:59:56 | 000,312,320 | ---- | M] (OptionNV) [Auto | Running] -- C:\Program Files\Telenor\Mobilt bredbånd\GtDetectSc.exe -- (GtDetectSc)

SRV:64bit: - [2007/10/17 23:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.exe -- (XAudioService)

SRV:64bit: - [2007/06/06 17:50:32 | 000,567,280 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlbtcoms.exe -- (dlbt_device)

SRV:64bit: - [2007/02/14 17:23:36 | 000,566,768 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlcccoms.exe -- (dlcc_device)

SRV - [2010/06/11 00:09:22 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)

SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/06/10 19:08:02 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010/06/09 09:23:13 | 000,120,712 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)

SRV - [2010/05/14 12:59:44 | 000,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)

SRV - [2010/03/30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/01/14 16:08:12 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\ThreatFire\TFService.exe -- (ThreatFire)

SRV - [2010/01/12 07:57:44 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)

SRV - [2009/11/19 09:29:52 | 000,129,024 | ---- | M] (MailEnable Pty Ltd) [Auto | Running] -- C:\Program Files (x86)\Mail Enable\Bin64\MELSC.exe -- (MELCS)

SRV - [2009/11/19 09:29:44 | 000,135,168 | ---- | M] (MailEnable Pty Ltd) [Auto | Running] -- C:\Program Files (x86)\Mail Enable\Bin64\MEMTA.exe -- (MEMTAS)

SRV - [2009/11/19 09:29:34 | 000,257,536 | ---- | M] (MailEnable Pty Ltd) [Auto | Running] -- C:\Program Files (x86)\Mail Enable\Bin64\MEPOPS.exe -- (MEPOPS)

SRV - [2009/11/19 09:29:26 | 000,518,144 | ---- | M] (MailEnable Pty Ltd) [Auto | Running] -- C:\Program Files (x86)\Mail Enable\Bin64\MEPOC.exe -- (MEPOCS)

SRV - [2009/11/19 09:29:20 | 000,587,264 | ---- | M] (MailEnable Pty Ltd) [Auto | Running] -- C:\Program Files (x86)\Mail Enable\Bin64\MESMTPC.exe -- (MESMTPCS)

SRV - [2009/06/17 11:18:42 | 006,582,912 | ---- | M] () [On_Demand | Stopped] -- c:\p\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- (wampmysqld)

SRV - [2009/02/17 09:37:38 | 000,231,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe -- (DirMngr)

SRV - [2009/02/11 17:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)

SRV - [2009/01/05 17:48:16 | 000,120,088 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\T-Mobile\Connection Manager\RcAppSvc.exe -- (TMobileRcAppSvc)

SRV - [2009/01/05 17:47:30 | 000,124,184 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\T-Mobile\Connection Manager\conappssvc.exe -- (CATmobile)

SRV - [2008/12/10 01:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\p\wamp\bin\apache\apache2.2.11\bin\httpd.exe -- (wampapache)

SRV - [2008/11/12 14:25:48 | 001,273,856 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)

SRV - [2008/07/24 18:46:08 | 000,057,920 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)

SRV - [2008/06/03 15:16:46 | 000,569,112 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Ambient Light Sensor\AlsSvc.exe -- (alssvc64)

SRV - [2006/10/26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/08/05 14:02:56 | 000,144,720 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV:64bit: - [2010/06/09 09:23:04 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)

DRV:64bit: - [2010/01/14 16:08:34 | 000,059,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TfSysMon)

DRV:64bit: - [2010/01/14 16:08:32 | 000,041,888 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)

DRV:64bit: - [2010/01/14 16:08:30 | 000,065,072 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)

DRV:64bit: - [2009/11/24 16:50:05 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV:64bit: - [2009/11/24 16:49:56 | 000,065,616 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2009/09/22 18:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)

DRV:64bit: - [2009/09/22 18:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)

DRV:64bit: - [2009/09/22 18:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)

DRV:64bit: - [2009/09/22 18:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)

DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2009/07/30 10:05:46 | 000,172,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp) Intel(R)

DRV:64bit: - [2009/07/30 10:05:38 | 000,066,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb) Intel(R)

DRV:64bit: - [2009/07/30 10:05:36 | 000,070,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum) Intel(R)

DRV:64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/13 18:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)

DRV:64bit: - [2009/07/13 18:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)

DRV:64bit: - [2009/07/13 18:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)

DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/13 17:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)

DRV:64bit: - [2009/07/13 16:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)

DRV:64bit: - [2009/07/13 16:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)

DRV:64bit: - [2009/07/13 16:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2009/07/13 16:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)

DRV:64bit: - [2009/07/13 16:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)

DRV:64bit: - [2009/06/29 10:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/04/03 00:39:42 | 000,234,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)

DRV:64bit: - [2009/02/11 17:26:18 | 000,407,576 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/01/22 10:16:16 | 000,037,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cvusbdrv.sys -- (cvusbdrv)

DRV:64bit: - [2009/01/05 17:21:50 | 000,043,032 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\PCTINDIS5X64.sys -- (PCTINDIS5X64)

DRV:64bit: - [2008/11/17 07:50:30 | 004,751,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (NETw5v64) Intel(R)

DRV:64bit: - [2008/11/05 23:25:40 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)

DRV:64bit: - [2008/09/19 01:03:00 | 000,315,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OA001Vid.sys -- (OA001Vid)

DRV:64bit: - [2008/07/24 18:46:08 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)

DRV:64bit: - [2008/07/24 18:45:20 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)

DRV:64bit: - [2008/06/25 11:52:36 | 001,486,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)

DRV:64bit: - [2008/06/25 11:48:26 | 000,294,912 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)

DRV:64bit: - [2008/06/25 11:47:00 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)

DRV:64bit: - [2008/06/16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2008/06/04 13:14:00 | 000,032,240 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PBADRV64.sys -- (PBADRV)

DRV:64bit: - [2008/06/03 17:30:38 | 000,168,864 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OA001Ufd.sys -- (OA001Ufd)

DRV:64bit: - [2008/04/04 13:42:18 | 000,315,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) Intel(R)

DRV:64bit: - [2008/03/16 20:06:14 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)

DRV:64bit: - [2007/11/13 07:51:12 | 000,124,416 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Gt51Ip.sys -- (GT72NDISIPXP)

DRV:64bit: - [2007/10/17 23:37:10 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)

DRV:64bit: - [2007/10/09 04:53:30 | 000,080,896 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gt72ubus.sys -- (GT72UBUS)

DRV:64bit: - [2007/07/23 15:05:22 | 000,009,968 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLADResE.SYS -- (DLADResE)

DRV:64bit: - [2007/07/23 15:05:12 | 000,135,152 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLAUDFAE.SYS -- (DLAUDFAE)

DRV:64bit: - [2007/07/23 15:05:12 | 000,046,448 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLABMFSE.SYS -- (DLABMFSE)

DRV:64bit: - [2007/07/23 15:05:10 | 000,144,112 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLAUDF_E.SYS -- (DLAUDF_E)

DRV:64bit: - [2007/07/23 15:05:08 | 000,035,056 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLAOPIOE.SYS -- (DLAOPIOE)

DRV:64bit: - [2007/07/23 15:05:06 | 000,042,352 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLABOIOE.SYS -- (DLABOIOE)

DRV:64bit: - [2007/07/23 15:05:06 | 000,019,824 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLAPoolE.SYS -- (DLAPoolE)

DRV:64bit: - [2007/07/23 15:05:04 | 000,146,672 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DLAIFS_E.SYS -- (DLAIFS_E)

DRV:64bit: - [2007/07/23 14:55:46 | 000,124,112 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DRVECDB.SYS -- (DRVECDB)

DRV:64bit: - [2007/07/23 14:49:50 | 000,041,072 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\SysNative\drivers\DLARTL_E.SYS -- (DLARTL_E)

DRV:64bit: - [2007/07/23 14:49:50 | 000,017,776 | ---- | M] (Roxio) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DLACDBHE.SYS -- (DLACDBHE)

DRV:64bit: - [2007/07/23 14:43:46 | 000,063,984 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DRVEDDM.SYS -- (DRVEDDM)

DRV:64bit: - [2007/03/30 04:38:16 | 000,010,624 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtptser.sys -- (GTPTSER)

DRV:64bit: - [2007/03/07 11:13:20 | 000,017,920 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pnetmdm64.sys -- (pnetmdm)

DRV:64bit: - [2006/06/18 22:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)

DRV - [2010/06/10 23:27:40 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)

DRV - [2008/07/24 18:46:10 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)

DRV - [2007/02/07 11:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = actsvr.comcastonline.com;*.local

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = actsvr.comcastonline.com:8100

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"

FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "http://www.swagbucks.com"

FF - prefs.js..extensions.enabledItems: gmail_sigs@blankcanvasweb.com:1.12.8b

FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2

FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4

FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.30

FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.8.3

FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0

FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1

FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.586

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.2.3

FF - prefs.js..extensions.enabledItems: {25A1388B-6B18-46c3-BEBA-A81915D0DE8F}:1.7.1

FF - prefs.js..extensions.enabledItems: statusbar@toodledo.com:1.70

FF - prefs.js..extensions.enabledItems: vimperator@mozdev.org:2.3.1

FF - prefs.js..extensions.enabledItems: xdebughelper@mail.ru:0.3.1

FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.8.7

FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8

FF - prefs.js..extensions.enabledItems: afom@idevfh:2.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/11/28 23:28:45 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010/03/06 02:30:13 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/08/31 09:56:27 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/08/21 09:54:24 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010/09/08 11:15:14 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2010/01/20 11:42:11 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions

[2010/01/20 11:42:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010/09/10 14:48:34 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions

[2010/07/28 22:20:00 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}

[2010/04/28 09:41:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/08/07 02:34:30 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}

[2009/11/28 23:42:18 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}

[2009/11/28 23:42:18 | 000,000,000 | ---D | M] (Todoist.com Sidebar) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\{6b2aa68e-bd62-4564-ab0a-15b4af70426f}

[2010/07/05 11:53:43 | 000,000,000 | ---D | M] (IE View) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}

[2010/01/06 16:02:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\{A64F9D1E-FA5E-11DA-A187-6B94C2ED2B83}

[2010/05/28 09:41:53 | 000,000,000 | ---D | M] (Selenium IDE) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}

[2009/11/28 23:42:19 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}

[2009/12/05 15:51:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}

[2010/04/09 08:24:08 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2009/11/29 20:33:57 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\clickbank@geminussoft.com

[2010/05/07 10:28:48 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\firebug@software.joehewitt.com

[2010/02/21 14:31:36 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\firebug@tools.sitepoint.com

[2010/08/18 09:13:16 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\foxmarks@kei.com

[2010/02/02 09:52:06 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\giridhar@reqall.com

[2010/07/14 22:03:28 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\gmail_sigs@blankcanvasweb.com

[2009/11/28 23:42:16 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\LogMeInClient@logmein.com

[2010/05/01 16:34:55 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\statusbar@toodledo.com

[2010/03/10 10:31:53 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\toolbar@alexa.com

[2010/04/09 08:24:12 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\vimperator@mozdev.org

[2010/07/30 09:52:21 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\wdwadsensemonitor@whydowork.com

[2009/11/28 23:42:17 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\xdebughelper@mail.ru

[2010/03/05 10:34:05 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\f3ycwypb.WizOneSolutions\extensions\yslow@yahoo-inc.com

[2010/09/08 18:38:32 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions

[2010/08/05 21:13:16 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}

[2010/09/08 18:37:33 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}

[2010/04/27 17:42:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/07/07 20:02:15 | 000,000,000 | ---D | M] (Quick Locale Switcher) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\{25A1388B-6B18-46c3-BEBA-A81915D0DE8F}

[2010/08/09 17:50:49 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2009/11/28 23:42:31 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}

[2010/01/26 16:22:06 | 000,000,000 | ---D | M] (IE View) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}

[2010/08/26 19:46:08 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}

[2010/01/10 08:43:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\{A64F9D1E-FA5E-11DA-A187-6B94C2ED2B83}

[2010/04/13 22:24:36 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}

[2010/07/05 02:58:15 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\afom@idevfh

[2010/05/07 21:03:42 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\firebug@software.joehewitt.com

[2010/08/26 19:46:07 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\foxmarks@kei.com

[2010/02/02 19:47:26 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\giridhar@reqall.com

[2010/08/26 19:46:01 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\gmail_sigs@blankcanvasweb.com

[2010/03/18 22:05:38 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\LogMeInClient@logmein.com

[2010/09/08 18:38:32 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\staged-xpis

[2010/05/02 18:21:29 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\statusbar@toodledo.com

[2010/04/10 18:56:30 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\vimperator@mozdev.org

[2009/12/03 21:11:57 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\gcdm7tz6.default\extensions\xdebughelper@mail.ru

[2010/08/26 19:44:28 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\lws2cxhs.Clean\extensions

[2010/08/26 19:44:18 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\lws2cxhs.Clean\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}

[2010/05/12 23:13:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\lws2cxhs.Clean\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/01/12 09:48:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\lws2cxhs.Clean\extensions\{A64F9D1E-FA5E-11DA-A187-6B94C2ED2B83}

[2010/08/26 19:44:17 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\lws2cxhs.Clean\extensions\foxmarks@kei.com

[2010/03/01 13:14:03 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\lws2cxhs.Clean\extensions\info@elime.be

[2010/03/19 10:55:49 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\lws2cxhs.Clean\extensions\LogMeInClient@logmein.com

[2009/11/28 23:42:39 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\lws2cxhs.Clean\extensions\timeleft@nestersoft.com

[2010/04/09 17:48:39 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\lws2cxhs.Clean\extensions\vimperator@mozdev.org

[2010/09/10 14:48:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/08/18 21:39:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/03/12 11:43:40 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/03/12 11:43:40 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/03/12 11:43:41 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/03/12 11:43:41 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/03/27 17:57:35 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/09/05 12:27:27 | 000,002,996 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 magic.wizonesolutions.com

O1 - Hosts: 127.0.0.1 mail.magic.wizonesolutions.com

O1 - Hosts: ::1 localhost

O1 - Hosts: 10.0.0.94 b.showroomsociety.com

O1 - Hosts: 192.168.1.12 u.showroomsociety.com

O1 - Hosts: 192.168.56.101 m2.showroomsociety.com

O1 - Hosts: 192.168.56.101 m2d.showroomsociety.com

O1 - Hosts: 192.168.56.101 m2.wizonesolutions.com

O1 - Hosts: 192.168.56.101 courses.m2.gnosticawakenings.com

O1 - Hosts: 192.168.56.101 m2.gnosticawakenings.com

O1 - Hosts: 192.168.1.3 www.showroomsociety.wiz

O1 - Hosts: 192.168.1.3 www.wizonesolutions.com

O1 - Hosts: 192.168.1.3 wizonesolutions.com

O1 - Hosts: 192.168.1.3 michael.wizonesolutions.com

O1 - Hosts: 192.168.1.3 bagc.michael.wizonesolutions.com

O1 - Hosts: 192.168.1.3 svn.wizonesolutions.com

O1 - Hosts: 192.168.1.3 thewebserver

O1 - Hosts: 192.168.1.3 wizonesolutions.sitetesting.wizonesolutions.com

O1 - Hosts: 192.168.1.3 cjstest.wizonesolutions.com

O1 - Hosts: 192.168.1.12 u.wizonesolutions.com

O1 - Hosts: 192.168.1.12 u.kevinkaland.com

O1 - Hosts: 192.168.1.12 bruce2.wizonesolutions.com

O1 - Hosts: 192.168.56.101 magic2.wizonesolutions.com

O1 - Hosts: 192.168.56.101 m2.wizonesolutions.com

O1 - Hosts: 44 more lines...

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll (Google Inc.)

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)

O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3:64bit: - HKLM\..\Toolbar: (StExBar) - {6c7a85a7-27c6-49ce-98b2-a8479b0dd63d} - C:\Program Files\StExBar\StExBar.dll (tools.tortoisesvn.net)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (StExBar) - {6C7A85A7-27C6-49CE-98B2-A8479B0DD63D} - C:\Program Files\StExBar\StExBar.dll (tools.tortoisesvn.net)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)

O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)

O4:64bit: - HKLM..\Run: [DellConnectionManager] C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)

O4:64bit: - HKLM..\Run: [DellControlPoint] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)

O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)

O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)

O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.DLL (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [nwiz] C:\Windows\SysNative\nwiz.exe ()

O4:64bit: - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)

O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)

O4:64bit: - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe (PC Tools)

O4 - HKLM..\Run: [T-Mobile Connection Manager] C:\Program Files (x86)\T-Mobile\Connection Manager\TMobileCM.exe (T-Mobile)

O4 - HKCU..\Run: [AdobeBridge] File not found

O4 - HKCU..\Run: [Evernote] C:\Program Files (x86)\Evernote\Evernote3.5\evernote.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)

O4 - HKCU..\Run: [FeedDemon] C:\Program Files (x86)\FeedDemon\FeedDemon.exe (NewsGator Technologies, Inc.)

O4 - HKCU..\Run: [invoiceSyncTimer] C:\Program Files (x86)\invoiceSync\bin\timerSync.exe (Burcesoft)

O4 - HKCU..\Run: [ISUSPM] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)

O4 - HKCU..\Run: [OpenDNS Updater] C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe ()

O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKCU..\Run: [Syncplicity] C:\Program Files\Syncplicity\Syncplicity.exe ()

O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2009/11/28 23:42:06 | 000,000,000 | -H-D | M]

O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNET TechTracker.lnk = C:\Users\Kevin\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe ()

O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Find And Run Robot.lnk = C:\Program Files (x86)\FindAndRunRobot\FindAndRunRobot.exe (DonationCoder.com)

O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KaVoom! KM.lnk = C:\Program Files (x86)\KaVoom! KM\x64\KaVoomKM.exe File not found

O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TimeLeft.lnk = C:\Program Files (x86)\TimeLeft3\TimeLeft.exe (NesterSoft Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:64bit: - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()

O8:64bit: - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()

O8:64bit: - Extra context menu item: Add to &Evernote - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)

O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()

O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()

O8 - Extra context menu item: Add to &Evernote - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)

O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)

O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)

O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemydsl.verizon.net/sdcCommon/download/DSL/Verizon%20High%20Speed%20Internet%20Installer.cab (Support.com Configuration Class)

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 208.67.220.220

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O24 - Desktop WallPaper: C:\Windows\web\Wallpaper\img22.jpg

O24 - Desktop BackupWallPaper: C:\Windows\web\Wallpaper\img22.jpg

O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - C:\P\SYSINTERNALS\PROCEXP.EXE (Sysinternals - www.sysinternals.com)

O27 - HKLM IFEO\taskmgr.exe: Debugger - "C:\P\SYSINTERNALS\PROCEXP.EXE" (Sysinternals - www.sysinternals.com)

O30:64bit: - LSA: Authentication Packages - (wvauth) - C:\Windows\SysNative\wvauth.dll (Wave Systems Corp.)

O30 - LSA: Authentication Packages - (wvauth) - File not found

O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{10f43d57-f7b6-11de-95ba-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{10f43d57-f7b6-11de-95ba-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found

O33 - MountPoints2\{240961b1-23c6-11df-aedf-0024e8ad2980}\Shell - "" = AutoRun

O33 - MountPoints2\{240961b1-23c6-11df-aedf-0024e8ad2980}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2\{240961c0-23c6-11df-aedf-0024e8ad2980}\Shell - "" = AutoRun

O33 - MountPoints2\{240961c0-23c6-11df-aedf-0024e8ad2980}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2\{3bd6875f-304f-11df-8d88-8faf6fed1c6d}\Shell - "" = AutoRun

O33 - MountPoints2\{3bd6875f-304f-11df-8d88-8faf6fed1c6d}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2\{3bd68761-304f-11df-8d88-8faf6fed1c6d}\Shell - "" = AutoRun

O33 - MountPoints2\{3bd68761-304f-11df-8d88-8faf6fed1c6d}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found

O33 - MountPoints2\{3c456eed-e8ea-11de-b765-0024e8ad2980}\Shell - "" = AutoRun

O33 - MountPoints2\{3c456eed-e8ea-11de-b765-0024e8ad2980}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/10 23:46:30 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Malwarebytes

[2010/09/10 23:46:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010/09/10 23:46:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/09/10 23:46:03 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/09/10 23:46:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010/08/29 20:52:42 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung

[2010/08/29 02:48:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flip Video

[2010/08/29 02:28:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\3ivx

[2010/08/29 02:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Flip Video

[2010/08/24 17:47:45 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll

[2010/08/23 16:39:57 | 000,017,224 | ---- | C] (Sysinternals) -- C:\Windows\SysNative\drivers\Dbgv.sys

[2010/08/23 15:44:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group

[2010/08/21 13:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2010/08/21 09:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2010/08/20 23:15:28 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll

[2010/08/18 21:40:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2010/08/18 21:39:26 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll

[2010/08/18 21:39:26 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2010/08/18 21:39:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2010/08/18 21:39:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2010/08/16 22:48:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Speccy

[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[24 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/11 00:25:14 | 004,980,736 | -HS- | M] () -- C:\Users\Kevin\NTUSER.DAT

[2010/09/11 00:13:58 | 003,848,422 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/09/11 00:13:58 | 000,864,224 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2010/09/11 00:13:58 | 000,685,720 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat

[2010/09/11 00:13:58 | 000,653,598 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2010/09/11 00:13:58 | 000,625,770 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/09/11 00:13:58 | 000,458,348 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat

[2010/09/11 00:13:58 | 000,165,768 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2010/09/11 00:13:58 | 000,133,232 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat

[2010/09/11 00:13:58 | 000,130,256 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2010/09/11 00:13:58 | 000,107,104 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/09/11 00:13:58 | 000,077,812 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat

[2010/09/11 00:13:15 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/09/11 00:13:15 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/09/11 00:12:05 | 000,000,480 | ---- | M] () -- C:\Windows\win.ini

[2010/09/11 00:07:57 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job

[2010/09/11 00:07:20 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/09/11 00:05:29 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010/09/11 00:05:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/09/11 00:05:12 | 2137,960,447 | -HS- | M] () -- C:\hiberfil.sys

[2010/09/11 00:03:44 | 001,175,538 | -H-- | M] () -- C:\Users\Kevin\AppData\Local\IconCache.db

[2010/09/10 23:59:04 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/09/10 23:58:15 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857002689-1344430454-3332216080-1000UA.job

[2010/09/10 18:58:06 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2857002689-1344430454-3332216080-1000Core.job

[2010/09/08 20:41:59 | 000,000,600 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\winscp.rnd

[2010/09/07 20:47:59 | 000,001,195 | ---- | M] () -- C:\Users\Kevin\Desktop\CNET TechTracker.lnk

[2010/09/07 20:47:59 | 000,001,175 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNET TechTracker.lnk

[2010/09/07 15:09:31 | 000,021,893 | ---- | M] () -- C:\Users\Kevin\_viminfo

[2010/09/05 12:27:27 | 000,002,996 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2010/09/04 21:17:42 | 000,002,973 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts~

[2010/09/02 15:20:43 | 000,000,600 | ---- | M] () -- C:\Users\Kevin\AppData\Local\PUTTY.RND

[2010/08/29 02:49:38 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\FlipShare.lnk

[2010/08/29 02:32:47 | 000,003,584 | ---- | M] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/08/29 02:32:02 | 000,001,015 | R--- | M] () -- C:\logFile.xsl

[2010/08/25 14:25:40 | 000,000,442 | ---- | M] () -- C:\Users\Kevin\.Xauthority

[2010/08/25 14:23:18 | 000,000,866 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk

[2010/08/23 16:39:57 | 000,017,224 | ---- | M] (Sysinternals) -- C:\Windows\SysNative\drivers\Dbgv.sys

[2010/08/23 15:44:41 | 000,001,270 | ---- | M] () -- C:\Users\Kevin\Desktop\Revo Uninstaller.lnk

[2010/08/21 13:20:45 | 000,002,975 | ---- | M] () -- C:\Users\Kevin\Desktop\HiJackThis.lnk

[2010/08/18 19:48:34 | 004,803,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[24 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/29 02:49:38 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\FlipShare.lnk

[2010/08/29 02:32:46 | 000,003,584 | ---- | C] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/08/29 02:32:02 | 000,001,015 | R--- | C] () -- C:\logFile.xsl

[2010/08/25 14:23:18 | 000,000,866 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk

[2010/08/23 15:44:41 | 000,001,270 | ---- | C] () -- C:\Users\Kevin\Desktop\Revo Uninstaller.lnk

[2010/08/21 13:20:45 | 000,002,975 | ---- | C] () -- C:\Users\Kevin\Desktop\HiJackThis.lnk

[2010/05/21 17:42:12 | 000,687,056 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\unins000.exe

[2010/05/21 17:42:12 | 000,015,249 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\unins000.dat

[2010/01/25 11:58:06 | 000,462,848 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll

[2010/01/25 01:23:40 | 000,013,793 | ---- | C] () -- C:\ProgramData\hpzinstall.log

[2009/12/08 19:06:34 | 000,000,600 | ---- | C] () -- C:\Users\Kevin\AppData\Local\PUTTY.RND

[2009/11/29 04:10:29 | 000,000,046 | ---- | C] () -- C:\Users\Kevin\AppData\Local\DonationCoder_dcupdater_InstallInfo.dat

[2009/11/29 02:42:05 | 000,002,245 | ---- | C] () -- C:\Users\Kevin\AppData\Local\Win7_tmp1.htm

[2009/11/29 02:37:59 | 000,000,046 | ---- | C] () -- C:\Users\Kevin\AppData\Local\DonationCoder_findrunrobot_InstallInfo.dat

[2009/11/05 15:45:14 | 001,612,392 | ---- | C] () -- C:\Windows\SysWow64\nView.dll

[2009/11/05 15:45:14 | 001,108,584 | ---- | C] () -- C:\Windows\SysWow64\nvwimg.dll

[2009/09/22 10:26:33 | 000,000,600 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\winscp.rnd

[2009/07/30 18:58:42 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini

[2009/07/30 10:30:28 | 000,006,570 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\PrimoPDFSet.xml

[2009/07/28 20:48:36 | 000,000,234 | ---- | C] () -- C:\Windows\wininit.ini

[2009/07/27 01:33:50 | 000,373,584 | ---- | C] () -- C:\Windows\SysWow64\brcmbsp.dll

[2009/07/27 01:08:59 | 000,080,368 | ---- | C] () -- C:\Windows\SysWow64\pbadrvdll.dll

[2009/07/22 19:03:06 | 000,143,360 | R--- | C] () -- C:\Windows\SysWow64\preflib.dll

[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2008/02/18 23:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\SysWow64\OpenQuicktimeLib.dll

========== LOP Check ==========

[2009/11/28 23:41:20 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Affilorama

[2009/11/28 23:41:21 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\bazaar

[2009/07/27 10:39:54 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Broadcom

[2009/11/28 23:41:53 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\CBS Interactive

[2009/12/21 17:15:09 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\com.iplotz.3017F2483C962A58B145D63E3CE3CDA4A7D0B9B6.1

[2010/04/23 13:59:14 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\CrashPlan

[2009/11/28 23:41:53 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\DonationCoder

[2009/12/12 02:38:39 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\FlashGet

[2009/11/28 23:41:54 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\gnupg

[2010/06/01 13:34:55 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\gtk-2.0

[2010/04/23 08:51:14 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\invoiceSync

[2010/01/26 17:10:35 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\JottExpress.50E28EE2422BD0599F081C2408B1BFDDBEFC6B6B.1

[2010/03/23 14:48:46 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\NesterSoft

[2009/11/28 23:42:41 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Notepad++

[2010/07/20 02:09:26 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\OpenDNS Updater

[2010/06/07 18:38:34 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\PrimoPDF

[2010/02/06 10:47:56 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\StExBar

[2009/11/28 23:42:57 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Subversion

[2010/02/02 12:55:53 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\TeamViewer

[2010/01/20 11:42:10 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Thunderbird

[2009/11/28 23:43:02 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1

[2009/11/28 23:43:02 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Wave Systems Corp

[2009/11/28 23:43:02 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\winpt

[2010/03/13 15:44:31 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\xNeat Clipboard Manager

[2010/07/28 16:38:56 | 000,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Yuuguu

[2009/07/13 22:08:49 | 000,022,912 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

OTL Extras

OTL Extras logfile created on: 9/11/2010 12:14:56 AM - Run 1

OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Kevin\Downloads

64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 62.00% Memory free

16.00 Gb Paging File | 13.00 Gb Available in Paging File | 78.00% Paging File free

Paging file location(s): c:\pagefile.sys 8180 8180 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 230.70 Gb Total Space | 14.32 Gb Free Space | 6.21% Space Free | Partition Type: NTFS

Drive D: | 2.00 Gb Total Space | 1.11 Gb Free Space | 55.36% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: MAGIC

Current User Name: Kevin

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Include 64bit Scans

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ ]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\ ]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ \shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ \shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.4402

"{04760C82-F78B-4DD1-999E-D57F234EEC3B}" = TortoiseOverlays

"{05BEE123-B183-460D-BBB7-B5600EF39BD5}" = T-Mobile Connection Manager

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software

"{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite

"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode

"{167F594F-8A62-48A9-B6EC-97B853464808}" = Dell ControlPoint System Manager

"{16B452B6-828D-4E93-A97E-B92C76E8E0DD}" = SO64MMWrapper

"{2223FC2F-B862-4F83-BC9E-DDF2DADF2859}" = Intel(R) Network Connections 13.0.42.0

"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)

"{23B45E10-0CA5-43E9-BD6D-C2BD6CBE11AC}" = iTunes

"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64

"{2C3393DE-8A93-43A0-9983-ACE9CB9EDCBA}" = BS64MMWrapper

"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64

"{3110A3AD-9890-42DF-8CE5-FBFE4E633ED2}" = Wave Infrastructure Installer

"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support

"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel(R) PROSet/Wireless WiFi Software

"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager

"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729

"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup

"{56E9DB64-FAAC-4B5F-B437-E7D0C9A8F7AF}" = Mobilt bredbånd

"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64

"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{87508272-99AC-47AA-9F65-5F8C09930CA6}" = Dell Control Point 64

"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64

"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4

"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4

"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4

"{91283E8C-FA64-4085-ABDC-924CAABE0EE2}" = Syncplicity

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{99804A11-931B-496F-9433-32539F72F654}" = CrashPlan

"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant

"{9CFA7A85-AEB6-487B-9C8E-C3C9432AA8F7}" = TortoiseOverlays

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad

"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager

"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64

"{A4F53D2C-1FED-4CDF-9D83-4AED82CD0436}" = Gemalto

"{AAE78E39-FAAF-4C19-A63E-BDED7428FDE1}" = Roxio Drag-to-Disc

"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems

"{AC2512D4-ED8A-4015-BF87-92478483C171}" = TortoiseSVN 1.6.6.17493 (64 bit)

"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework

"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour

"{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack

"{BEFEF959-50B6-4911-9B8D-D13AC96B814B}" = StExBar

"{C3B66206-54AC-4A76-8CCF-7FE5670C3581}" = DCP64MMWrapper

"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security

"{CC95E3FF-822B-47CD-9B4D-C89536615461}" = Oracle VM VirtualBox 3.2.8

"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update

"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)

"{D423A16B-3A4A-4B78-9F53-BF8A6A2CE8CF}" = Dell ControlPoint Connection Manager 64

"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4

"{E2A59F15-F731-4062-9BB7-3C99D8F15756}" = HP Scanjet G3010

"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin

"{ECD1A5BA-0023-4558-A006-8F27487E1D5D}" = Broadcom USH Host Components 64

"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD1}" = Paint.NET v3.5.5

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FAE224AF-B15E-448B-88FA-1839A7570CF8}" = Intel® PROSet/Wireless WiMAX Software

"{FEF64966-7F5E-48A6-8A87-C12533BEE519}" = ATMinInstall64

"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)

"camcodec" = CamStudio Lossless Codec

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem

"Creative OA001" = Integrated Webcam Driver (1.03.02.0919)

"HP Imaging Device Functions" = HP Imaging Device Functions 13.0

"HP Photosmart Essential" = HP Photosmart Essential 3.5

"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0

"HPOCR" = OCR Software by I.R.I.S. 13.0

"KaVoom! KM" = KaVoom! KM

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"NVIDIA Drivers" = NVIDIA Drivers

"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager

"nView Desktop Manager" = NVIDIA nView Desktop Manager

"ProInst" = Intel PROSet Wireless

"PROSetDX" = Intel(R) Network Connections 13.0.42.0

"SAMSUNG Android USB Modem" = SAMSUNG Android USB Modem Software

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan

"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4

"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en

"{2220CF3A-EBD6-4070-94D0-0C7337B537A7}" = All Day Battery Life Configuration

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 21

"{26B878A8-5704-3B64-BDBC-4F0EACA38121}" = Google Talk Plugin

"{27E3BC84-8151-4F76-9D53-A810394CADAC}" = hpg3010

"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models

"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH R5U241 / R5C847 Media Driver ver.2.04.01.00

"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component

"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm

"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager

"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{3732AF18-9C3C-428D-B944-F7E3FADEE3F3}" = Adobe Setup

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4

"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD

"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit

"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter

"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Media Driver Ver.3.53.02

"{5AF4F4C5-C71C-418F-B0B1-3903A345BD71}" = Ambient Light Sensor

"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support

"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{72FC0445-FE6D-4E12-815B-3A8C5E3704DA}_is1" = GroupMail :: Free Edition

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en

"{7F831576-6246-42C7-B523-55B3F96509CC}" = LogMeIn

"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials

"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi

"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack

"{8DCD7A9A-8B0B-4184-A5D7-C4BDAA31C750}" = Microsoft Office Live Add-in Patches

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ONENOTER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ONENOTER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ONENOTER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002A-0000-1000-0000000FF1CE}_ONENOTER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0409-1000-0000000FF1CE}_ONENOTER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ONENOTER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ONENOTER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ONENOTER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0116-0409-1000-0000000FF1CE}_ONENOTER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{91120000-00A1-0000-0000-0000000FF1CE}" = Microsoft Office OneNote 2007

"{91120000-00A1-0000-0000-0000000FF1CE}_ONENOTER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-00A1-0000-0000-0000000FF1CE}_ONENOTER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc

"{9BA46806-9EB4-AEFB-B7DD-11E9540B749D}" = iPlotz

"{9F3C8BE0-A54A-2D46-36FB-0029D412B0AC}" = TweetDeck

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support

"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch

"{AC76BA86-1033-F400-7760-000000000004}_934" = Adobe Acrobat 9.3.4 - CPSID_83708

"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.3 - Français

"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9

"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update

"{B1C0D829-FE30-059E-E93F-CDC7A48235C0}" = FlipShare

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{C0758034-F411-714A-64A8-BD10A97499D5}" = Jott Express

"{C29CE41A-3268-4A5C-8B29-5799906785E9}" = Wi-Fi Connect

"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com

"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE

"{C8E95BF5-C07F-4D98-BB42-F58FC98BC03E}" = Google Apps

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1

"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery

"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential

"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}" = Safari

"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime

"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager

"{F4DA32EA-B9F2-4B22-87E2-E8937DA4F6A8}" = Adobe Creative Suite 4 Web Premium

"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4

"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack

"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire

"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe_6f2ce928cc3187358f216191905bbea" = Adobe Creative Suite 4 Web Premium

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"AutoHotkey" = AutoHotkey 1.0.48.05

"Bazaar_is1" = Bazaar 2.1.1

"Bug Shooting" = Bug Shooting

"CamStudio" = CamStudio

"CamStudio Lossless Codec_is1" = CamStudio Lossless Codec v1.4

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"com.iplotz.3017F2483C962A58B145D63E3CE3CDA4A7D0B9B6.1" = iPlotz

"ComcastHSI" = Comcast High-Speed Internet Install Wizard

"DcUpdater_is1" = DcUpdater 1.27.02

"Dell Photo AIO Printer 924" = Dell Photo AIO Printer 924

"Dell Webcam Central" = Dell Webcam Central

"Digsby" = Digsby

"FeedDemon_is1" = FeedDemon

"Find and Run Robot_is1" = Find+Run Robot 2.90.01

"FlashGet" = FlashGet 1.9.6.1073

"Google Chrome" = Google Chrome

"Google Updater" = Google Updater

"GPG4Win" = GnuPG For Windows

"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software

"InstallShield_{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite

"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup

"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update

"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin

"IrfanView" = IrfanView (remove only)

"JottExpress.50E28EE2422BD0599F081C2408B1BFDDBEFC6B6B.1" = Jott Express

"LogMeIn Hamachi" = LogMeIn Hamachi

"MailEnable Messaging Services for Microsoft Windows" = MailEnable Messaging Services for Microsoft Windows

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"MegaFrench_is1" = MegaFrench_v2.00

"MozBackup" = MozBackup 1.4.10

"Mozilla Firefox (3.6.7)" = Mozilla Firefox (3.6.7)

"Mozilla Thunderbird (3.1.3)" = Mozilla Thunderbird (3.1.3)

"Notepad++" = Notepad++

"nxclient_is1" = NX Client for Windows 3.4.0-7

"ONENOTER" = Microsoft Office OneNote 2007

"OpenDNS Updater" = OpenDNS Updater 2.2.1

"PdaNet_is1" = PdaNet for Android 2.41

"Picasa 3" = Picasa 3

"PIXresizer_is1" = PIXresizer 2.0.4

"PrimoPDF" = PrimoPDF -- by Nitro PDF Software

"PROHYBRIDR" = 2007 Microsoft Office system

"PuTTY_is1" = PuTTY version 0.60

"Revo Uninstaller" = Revo Uninstaller 1.89

"Speccy" = Speccy

"SpeedFan" = SpeedFan (remove only)

"TeamViewer 5" = TeamViewer 5

"TIMELEFT3_is1" = TimeLeft Deluxe

"Toggl Desktop_is1" = Toggl Desktop 2.0.4.0

"Traffic Travis_is1" = Traffic Travis 3.1.12

"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck

"Verizon High Speed Internet_is1" = Verizon High Speed Internet

"Vim" = Vim 7.2.284

"WampServer 2_is1" = WampServer 2.0

"WinGimp-2.0_is1" = GIMP 2.6.8

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinMerge_is1" = WinMerge 2.12.4

"winscp3_is1" = WinSCP 4.2.7

"YInstHelper" = Yahoo! Install Manager

"Yuuguu" = Yuuguu

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"309a46b1dc89b774" = Dell Driver Download Manager

"CNET TechTracker" = CNET TechTracker

"f031ef6ac137efc5" = Dell Driver Download Manager - 1

"oDVT" = oDesk Team

"WinDirStat" = WinDirStat 1.1.2

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]

Error - 11/9/2009 12:10:13 AM | Computer Name = MAGIC | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

B:\Users\Kevin\Documents\WizOne Solutions\Marketing\Affiliate Marketing\One Week

Marketing\One Week Marketing Check List.pdf failed, 00000005.

Error - 11/9/2009 12:10:13 AM | Computer Name = MAGIC | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

B:\Users\Kevin\Documents\WizOne Solutions\Marketing\Affiliate Marketing\One Week

Marketing\One Week Marketing Mind Maps.pdf failed, 00000005.

Error - 11/9/2009 12:10:14 AM | Computer Name = MAGIC | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

B:\Users\Kevin\Documents\WizOne Solutions\Marketing\Affiliate Marketing\One Week

Marketing\OWM-Guide-Book#1.pdf failed, 00000005.

Error - 12/12/2009 3:36:26 AM | Computer Name = MAGIC | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

http://ftp.heanet.ie/mirrors/backtrack/bt4-pre-final.iso failed, 00000084.

Error - 12/12/2009 3:41:20 AM | Computer Name = MAGIC | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

http://mirror.informatik.uni-mannheim.de/pub/linux/distributions/BackTrack/bt4-pre-final.iso

failed, 00000084.

Error - 12/12/2009 3:55:27 AM | Computer Name = MAGIC | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

http://mirror.switch.ch/ftp/mirror/backtrack/bt4-pre-final.iso failed, 00000084.

Error - 12/12/2009 4:12:23 AM | Computer Name = MAGIC | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

http://download.aircrack-ng.org/bt4-pre-final.iso failed, 00000084.

Error - 12/12/2009 4:35:35 AM | Computer Name = MAGIC | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

http://ftp.heanet.ie/mirrors/backtrack/bt4-beta.iso failed, 00000084.

Error - 12/12/2009 4:39:46 AM | Computer Name = MAGIC | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

http://ftp.cc.uoc.gr/mirrors/linux/backtrack/bt3final_usb.iso failed, 00000084.

Error - 12/12/2009 5:09:55 AM | Computer Name = MAGIC | Source = avast! | ID = 33554522

Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of

http://backtrack.mirrors.skynet.be/pub/backtrack/bt3final_usb.iso failed, 00000084.

[ Application Events ]

Error - 6/14/2010 11:10:43 PM | Computer Name = MAGIC | Source = MsiInstaller | ID = 11706

Description =

Error - 6/14/2010 11:10:45 PM | Computer Name = MAGIC | Source = MsiInstaller | ID = 11706

Description =

Error - 6/15/2010 5:05:06 PM | Computer Name = MAGIC | Source = MsiInstaller | ID = 11706

Description =

Error - 6/15/2010 5:05:07 PM | Computer Name = MAGIC | Source = MsiInstaller | ID = 11706

Description =

Error - 6/15/2010 5:15:11 PM | Computer Name = MAGIC | Source = MsiInstaller | ID = 11706

Description =

Error - 6/15/2010 5:15:16 PM | Computer Name = MAGIC | Source = MsiInstaller | ID = 11706

Description =

Error - 6/15/2010 10:56:18 PM | Computer Name = MAGIC | Source = MsiInstaller | ID = 11706

Description =

Error - 6/15/2010 10:56:19 PM | Computer Name = MAGIC | Source = MsiInstaller | ID = 11706

Description =

Error - 6/17/2010 6:06:50 PM | Computer Name = MAGIC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16385,

horodatage : 0x4a5bc69e Nom du module défaillant : mshtml.dll, version : 8.0.7600.16535,

horodatage : 0x4b83889f Code d’exception : 0xc0000005 Décalage d’erreur : 0x003481f6

du processus défaillant : 0x22b4 Heure de début de l’application défaillante : 0x01cb0e69306742ab

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Internet Explorer\iexplore.exe

Chemin

d’accès du module défaillant: C:\Windows\SysWOW64\mshtml.dll ID de rapport : a090a524-7a5c-11df-9b52-0024e8ad2980

Error - 6/17/2010 6:07:18 PM | Computer Name = MAGIC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante iexplore.exe, version : 8.0.7600.16385,

horodatage : 0x4a5bc69e Nom du module défaillant : mshtml.dll, version : 8.0.7600.16535,

horodatage : 0x4b83889f Code d’exception : 0xc0000005 Décalage d’erreur : 0x003481f6

du processus défaillant : 0x6fc Heure de début de l’application défaillante : 0x01cb0e6966be1eeb

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Internet Explorer\iexplore.exe

Chemin

d’accès du module défaillant: C:\Windows\system32\mshtml.dll ID de rapport : b16d7369-7a5c-11df-9b52-0024e8ad2980

[ OSession Events ]

Error - 2/10/2010 5:53:14 PM | Computer Name = MAGIC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:

12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 392

seconds with 180 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 9/10/2010 5:08:07 PM | Computer Name = MAGIC | Source = Server | ID = 2505

Description = Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{AA78D256-3220-4713-9543-D68E1D6DFC53}

car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer.

Error - 9/10/2010 5:24:39 PM | Computer Name = MAGIC | Source = NetBT | ID = 4321

Description = Le nom "MAGIC :0" n’a pas pu être enregistré sur l’interface

avec l’adresse IP 192.168.1.68. L’ordinateur avec l’adresse IP 192.168.1.70 n’a

pas permis que le nom soit réclamé par cet ordinateur.

Error - 9/10/2010 5:27:06 PM | Computer Name = MAGIC | Source = Service Control Manager | ID = 7009

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la connexion du service Windows Presentation Foundation Font Cache

3.0.0.0.

Error - 9/10/2010 5:27:06 PM | Computer Name = MAGIC | Source = Service Control Manager | ID = 7000

Description = Le service Windows Presentation Foundation Font Cache 3.0.0.0 n’a

pas pu démarrer en raison de l’erreur : %%1053

Error - 9/11/2010 3:05:29 AM | Computer Name = MAGIC | Source = Service Control Manager | ID = 7009

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la connexion du service avast! Antivirus.

Error - 9/11/2010 3:05:29 AM | Computer Name = MAGIC | Source = Service Control Manager | ID = 7000

Description = Le service avast! Antivirus n’a pas pu démarrer en raison de l’erreur :

%%1053

Error - 9/11/2010 3:05:45 AM | Computer Name = MAGIC | Source = Service Control Manager | ID = 7034

Description = Le service DirMngr s’est terminé de façon inattendue pour la 1ème

fois.

Error - 9/11/2010 3:05:57 AM | Computer Name = MAGIC | Source = Server | ID = 2505

Description = Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{AA78D256-3220-4713-9543-D68E1D6DFC53}

car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer.

Error - 9/11/2010 3:05:57 AM | Computer Name = MAGIC | Source = NetBT | ID = 4321

Description = Le nom "MAGIC :20" n’a pas pu être enregistré sur l’interface

avec l’adresse IP 192.168.1.68. L’ordinateur avec l’adresse IP 192.168.1.70 n’a

pas permis que le nom soit réclamé par cet ordinateur.

Error - 9/11/2010 3:05:57 AM | Computer Name = MAGIC | Source = NetBT | ID = 4321

Description = Le nom "MAGIC :0" n’a pas pu être enregistré sur l’interface

avec l’adresse IP 192.168.1.68. L’ordinateur avec l’adresse IP 192.168.1.70 n’a

pas permis que le nom soit réclamé par cet ordinateur.

< End of report >

kevin27_b3d29f

2 Intern

•

1.5K Posts

September 11th, 2010 13:00

Hi,

Please repost the OTL logs for me but this time please make sure that Wordwrap is unchecked.

When Notepad opens with the logs please go to Format on the Notepad tool bar at the top of its page and
make sure WordWrap is UNchecked.

Thanks.

kkaland

1 Rookie

•

47 Posts

September 13th, 2010 10:00

Here it is again...Notepad did not have Word Wrap on...also, for some reason I did not get an Extras.txt file this time. I opened OTL, checked LOP Check and Purity Check, and clicked Run Scan, so I am not sure why not.

Log follows:

OTL logfile created on: 9/13/2010 9:45:13 AM - Run 2

OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Kevin\Downloads

64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 46.00% Memory free

16.00 Gb Paging File | 12.00 Gb Available in Paging File | 73.00% Paging File free

Paging file location(s): c:\pagefile.sys 8180 8180 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 230.70 Gb Total Space | 17.14 Gb Free Space | 7.43% Space Free | Partition Type: NTFS

Drive D: | 2.00 Gb Total Space | 1.11 Gb Free Space | 55.36% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

Drive H: | 73.74 Gb Total Space | 17.91 Gb Free Space | 24.29% Space Free | Partition Type: NTFS

I: Drive not present or media not loaded

Computer Name: MAGIC

Current User Name: Kevin

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Include 64bit Scans

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/11 00:14:10 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Downloads\OTL.exe

PRC - [2010/09/08 22:13:35 | 000,287,256 | ---- | M] (oDesk Corporation) -- C:\Program Files (x86)\oDesk\oDeskTeam.exe

PRC - [2010/09/08 22:13:35 | 000,211,992 | ---- | M] (oDesk Corporation) -- C:\Program Files (x86)\oDesk\oDeskHelper.exe

PRC - [2010/09/03 12:08:10 | 002,618,368 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe

PRC - [2010/09/02 14:09:52 | 004,120,000 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote3.5\Evernote.exe

PRC - [2010/08/18 20:36:18 | 004,615,680 | ---- | M] (DonationCoder.com) -- C:\Program Files (x86)\FindAndRunRobot\FindAndRunRobot.exe

PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/07/22 08:48:43 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2010/07/22 08:48:43 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe