OK, so I followed your two-part instructions and had an issue after the first step. So I did three steps:
1. I downloaded and ran GMER exactly as instructed which failed. My machine froze and I couldn't bring up task manager - the disk drive kept "reading" seemingly...I needed to hard reboot the machine, and when I tried to log back on the same thing happened: it would load Windows after some time, but the machine was frozen.
A few other points:
a) I can not boot to safe mode either as I received an "Insufficient permission..." error even though I am an administrator on the machine. This was happening before I ran GMER.
b) The machine is a company - gulp - Thinkpad T60. I replaced the company name with "company" in the following OTL logs.
c) I am a local administrator, but I need to log onto the machine under our domain (AMER) in order to use it even though I am not on the network.
2. After trying GMER and not being able to even use the machine, on one reboot I quickly brought up task manager (it worked) and then killed a BUNCH of randon process including EXPLORER.EXE and GOOGLEUPDATE and others that I did not recognize. I know this is bush league and not recommended, but the machine was useless without doing so. I'm now able to use and was able to complete step 3...
3. I ran OTL as instructed and here are the logs:
OTL.Txt
---
OTL logfile created on: 10/17/2010 6:27:57 PM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = \\mopcitnas06\mattm02$\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2963 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 76.60 Gb Free Space | 51.39% Space Free | Partition Type: NTFS
Computer Name: AMRNYCLL3CCC3N | User Name: mattM02 | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ========== PRC - \\mopcitnas06\mattm02$\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Tether\TBService.exe ()
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\SystemHost.exe ( )
PRC - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
PRC - C:\WINDOWS\system32\AtService.exe (AuthenTec, Inc.)
PRC - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe ()
PRC - C:\Program Files\McAfee\Common Framework\McScript_InUse.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\naPrdMgr.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\Common Framework\McTray.exe (McAfee, Inc.)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel® Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
PRC - C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
PRC - C:\Program Files\NetSupport\NetSupport Manager\client32.exe (NetSupport Ltd)
PRC - C:\Program Files\Utimaco\Safeguard Easy\SgeCtl.exe (Utimaco Safeware AG)
PRC - C:\WINDOWS\system32\SgLogPlayer.exe (Utimaco Safeware AG)
========== Modules (SafeList) ========== MOD - \\mopcitnas06\mattm02$\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\WMVCore.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\NetProvCredMan.dll (Intel® Corporation)
MOD - C:\WINDOWS\system32\msvcp60.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netui1.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netui0.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\ntlanman.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\davclnt.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\drprov.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\netrap.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\wmasf.dll (Microsoft Corporation)
MOD - C:\Program Files\Utimaco\Safeguard Easy\SgeDrse.dll (Utimaco Safeware AG)
MOD - C:\Program Files\Utimaco\Safeguard Easy\SgeUtil.dll (Utimaco Safeware AG)
MOD - C:\Program Files\Utimaco\Safeguard Easy\SgMsgBhk.dll (Utimaco Safeware AG)
MOD - C:\WINDOWS\system32\PortableDeviceApi.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ========== SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe File not found
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe File not found
SRV - (Tether) -- C:\Program Files\Tether\TBService.exe ()
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (hips) -- C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe (McAfee, Inc.)
SRV - (enterceptAgent) -- C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe (McAfee, Inc.)
SRV - (CcmExec) -- C:\WINDOWS\system32\CCM\CcmExec.exe (Microsoft Corporation)
SRV - (smstsmgr) -- C:\WINDOWS\System32\CCM\TSManager.exe (Microsoft Corporation)
SRV - (McShield) -- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe (McAfee, Inc.)
SRV - (McTaskManager) -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe (McAfee, Inc.)
SRV - (McAfeeEngineService) -- C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe (McAfee, Inc.)
SRV - (SystemHost) -- C:\WINDOWS\system32\SystemHost.exe ( )
SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (FingerprintServer) -- C:\WINDOWS\system32\FpLogonServ.exe (AuthenTec,Inc)
SRV - (dtsvc) -- C:\WINDOWS\system32\DTS.exe ()
SRV - (ADMonitor) -- C:\WINDOWS\system32\ADMonitor.exe ()
SRV - (ATService) -- C:\WINDOWS\system32\AtService.exe (AuthenTec, Inc.)
SRV - (Power Manager DBC Service) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe ()
SRV - (aPodClientService) -- c:\WINDOWS\company\_utils\aPodClient\aPodClientService11.exe (C&C Consultants)
SRV - (McAfeeFramework) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV - (WLANKEEPER) Intel® -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe (Intel® Corporation)
SRV - (S24EventMonitor) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel® Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV - (ExtranetAccess) -- C:\Program Files\Nortel Networks\Extranet_serv.exe (Nortel Networks NA, Inc.)
SRV - (TPHDEXLGSVC) -- C:\WINDOWS\system32\TPHDEXLG.exe (Lenovo.)
SRV - (IBMPMSVC) -- C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo)
SRV - (Client32) -- C:\Program Files\NetSupport\NetSupport Manager\client32.exe (NetSupport Ltd)
SRV - (WksCfgSrv) -- C:\Program Files\Utimaco\Safeguard Easy\WksCfgSrv.exe (Utimaco Safeware AG)
SRV - (SgeCtl) -- C:\Program Files\Utimaco\Safeguard Easy\SgeCtl.exe (Utimaco Safeware AG)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (GemSAFE Card Server) -- C:\Program Files\Gemplus\GemSafe Libraries\BIN\GCardSrvNT.exe (Gemplus)
SRV - (SgLogPlayer) -- C:\WINDOWS\system32\SgLogPlayer.exe (Utimaco Safeware AG)
SRV - (OracleOraHome92ClientCache) -- C:\Oracle\Ora92\bin\ONRSD.EXE ()
========== Driver Services (SafeList) ========== DRV - (kbstuff) -- C:\WINDOWS\System32\DRIVERS\kbstuff5.sys File not found
DRV - (idisw2km) -- C:\WINDOWS\System32\DRIVERS\idisw2km.sys File not found
DRV - (GEARAspiWDM) -- C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys File not found
DRV - (catchme) -- C:\DOCUME~1\mattM02\LOCALS~1\Temp\catchme.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (HIPK) -- C:\WINDOWS\system32\drivers\HIPK.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfetdik) -- C:\WINDOWS\system32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (HIPPSK) -- C:\WINDOWS\system32\drivers\HIPPSK.sys (McAfee, Inc.)
DRV - (HIPQK) -- C:\WINDOWS\system32\drivers\HIPQK.sys (McAfee, Inc.)
DRV - (firelm01) -- C:\WINDOWS\system32\drivers\firelm01.sys (McAfee, Inc.)
DRV - (FireTDI) -- C:\WINDOWS\system32\drivers\FireTDI.sys (McAfee, Inc.)
DRV - (FirePM) -- C:\WINDOWS\system32\Drivers\FirePM.sys (McAfee, Inc.)
DRV - (qrkis) -- C:\WINDOWS\system32\drivers\qrkis.sys (Tether)
DRV - (prepdrvr) -- C:\WINDOWS\system32\CCM\PrepDrv.sys (Microsoft Corporation)
DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (FirehkMP) -- C:\WINDOWS\system32\drivers\firehk.sys (McAfee, Inc.)
DRV - (Firehk) -- C:\WINDOWS\system32\drivers\firehk.sys (McAfee, Inc.)
DRV - (NETw5x32) Intel® -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (iastor) -- C:\WINDOWS\system32\DRIVERS\iastor.sys (Intel Corporation)
DRV - (smsmdd) -- C:\WINDOWS\system32\drivers\smsmdm.sys (Microsoft Corporation)
DRV - (ATSwpWDF) -- C:\WINDOWS\system32\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS ()
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS ()
DRV - (e1yexpress) Intel® -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation)
DRV - (tpm) -- C:\WINDOWS\system32\drivers\tpm.sys (Intel Corporation)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys (UPEK Inc.)
DRV - (CnxtHdAudService) -- C:\WINDOWS\system32\drivers\CHDAU32.sys (Conexant Systems Inc.)
DRV - (Eacfilt) -- C:\WINDOWS\system32\drivers\eacfilt.sys (Nortel Networks)
DRV - (IPSECSHM) -- C:\WINDOWS\system32\drivers\ipsecw2k.sys (Nortel Networks NA, Inc.)
DRV - (IPSECEXT) -- C:\WINDOWS\system32\drivers\ipsecw2k.sys (Nortel Networks NA, Inc.)
DRV - (Shockprf) -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys (Lenovo.)
DRV - (TPDIGIMN) -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys (Lenovo.)
DRV - (TPHKDRV) -- C:\WINDOWS\system32\drivers\TPHKDRV.sys (Lenovo Group Limited)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (NSCIRDA) -- C:\WINDOWS\system32\drivers\nscirda.sys (National Semiconductor Corporation)
DRV - (ltmodem5) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys (LT)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (IBMPMDRV) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys (Lenovo.)
DRV - (HECI) Intel® -- C:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation)
DRV - (TVTI2C) -- C:\WINDOWS\system32\drivers\tvti2c.sys (Lenovo (United States) Inc.)
DRV - (SgeFlt) -- C:\WINDOWS\SYSTEM32\DRIVERS\SGEFLT.SYS (Utimaco Safeware AG)
DRV - (AES-256) -- C:\WINDOWS\SYSTEM32\DRIVERS\AES256.SYS (Utimaco Safeware AG)
DRV - (PCISys) -- C:\WINDOWS\system32\drivers\pcisys.sys (NetSupport Ltd)
DRV - (gdihook5) -- C:\WINDOWS\system32\drivers\gdihook5.sys (NetSupport Ltd)
DRV - (ATNT40K) -- C:\WINDOWS\SYSTEM32\DRIVERS\ATNT40K.SYS ()
DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DGIVECP.SYS (DeviceGuys, Inc.)
DRV - (LHidKe) -- C:\WINDOWS\system32\drivers\LHidKE.Sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMOUKE.sys (Logitech, Inc.)
DRV - (LHidUsbK) -- C:\WINDOWS\system32\drivers\LHidUsbK.sys (Logitech, Inc.)
DRV - (Symmpi) -- C:\WINDOWS\system32\DRIVERS\symmpi.sys (LSI Logic)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (TwoTrack) -- C:\WINDOWS\system32\drivers\TwoTrack.sys (IBM Corporation)
DRV - (ac97intc) Intel® 82801 Audio Driver Install Service (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://world.company.comIE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://world.company.comIE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" =
http://autoproxy.com...m/autoproxy.pac IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://world.company.comIE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" =
http://autoproxy.com...m/autoproxy.pac IE - HKU\S-1-5-21-436374069-879983540-682003330-508785\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-436374069-879983540-682003330-508785\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-436374069-879983540-682003330-508785\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-436374069-879983540-682003330-508785\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ========== FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {E0B8C461-F8FB-49b4-8373-FE32E9252800}:3.0.0.65223
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.20
FF - prefs.js..extensions.enabledItems:
[email protected]:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/15 11:02:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/06 09:35:03 | 000,000,000 | ---D | M]
[2010/02/21 14:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\Mozilla\Extensions
[2010/10/15 18:03:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\Mozilla\Firefox\Profiles\jvyyvo5k.default\extensions
[2010/04/27 18:48:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\mattM02\Application Data\Mozilla\Firefox\Profiles\jvyyvo5k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/08 12:42:36 | 000,000,000 | ---D | M] (Billeo) -- C:\Documents and Settings\mattM02\Application Data\Mozilla\Firefox\Profiles\jvyyvo5k.default\extensions\{4be68a18-deba-49e0-9e09-ee7796f3b62a}
[2010/03/23 14:51:38 | 000,000,000 | ---D | M] (Woot Watcher) -- C:\Documents and Settings\mattM02\Application Data\Mozilla\Firefox\Profiles\jvyyvo5k.default\extensions\{a92aadf8-193f-4a62-8740-5cce81775afc}
[2010/07/22 14:45:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\Mozilla\Firefox\Profiles\jvyyvo5k.default\extensions\
[email protected][2010/03/23 14:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\Mozilla\Firefox\Profiles\jvyyvo5k.default\extensions\
[email protected][2010/02/21 14:00:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/31 21:07:00 | 000,023,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll
[2010/07/12 12:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
O1 HOSTS File: ([2010/10/16 02:20:29 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll (Google Inc.)
O2 - BHO: (IePasswordManagerHelper Class) - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [BLOG] C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [cssauth] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [EdWizard] C:\Program Files\Utimaco\SafeGuard Easy\EdWizard.exe (Utimaco Safeware AG)
O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)
O4 - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (Authentec,Inc)
O4 - HKLM..\Run: [gemstrmw] C:\WINDOWS\System32\gemstrmw.exe (Gemplus)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LPMailChecker] C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [LPManager] C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [McAfee Host Intrusion Prevention Tray] C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [pSGEState] C:\Program Files\Utimaco\Safeguard Easy\pSGEState.exe ()
O4 - HKLM..\Run: [PWRMGRTR] C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [RegTool] C:\Program Files\Gemplus\GemSafe Libraries\BIN\RegTool.exe (Gemplus)
O4 - HKLM..\Run: [Samsung Common SM] C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe (Samsung Electronics.)
O4 - HKLM..\Run: [SgeEcView] C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe (Utimaco Safeware AG)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [TpShocks] C:\WINDOWS\System32\TpShocks.exe (Lenovo.)
O4 - HKU\.DEFAULT..\Run: [Communicator] C:\Program Files\Microsoft Office Communicator\Communicator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [Communicator] C:\Program Files\Microsoft Office Communicator\Communicator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-436374069-879983540-682003330-508785..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\mattM02\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\mattM02\Start Menu\Programs\Startup\Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: nodrivetypeautorun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-879983540-682003330-508785\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-436374069-879983540-682003330-508785\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-436374069-879983540-682003330-508785\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O7 - HKU\S-1-5-21-436374069-879983540-682003330-508785\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKU\S-1-5-21-436374069-879983540-682003330-508785\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 1
O7 - HKU\S-1-5-21-436374069-879983540-682003330-508785\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-436374069-879983540-682003330-508785\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: p2l.company.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: company.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: company.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: company.com ([pdocs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: company.com ([pdocsstg] http in Trusted sites)
O15 - HKLM\..Trusted Domains: companyhealthydirections.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: accenture.com ([sms-company] https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: accenture.com ([sms-company-dev] https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: activestrategy.com ([company] https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: COM.BR ([banklineplus.itau] https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: COM.BR ([rie.secureweb] https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: COM.BR ([www.secureweb] https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: COM.BR ([WWW2.BRY] https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: com.mx ([]https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: emotion.com ([company] http in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: gov.in ([tender.eprocurement] https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: gov.sg ([mytax.iras] https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: livemeeting.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: p2l.company.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([]* in Local intranet)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([*.p2l] https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([kvs01] * in Local intranet)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([kvs02] * in Local intranet)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([kvsmba01] * in Local intranet)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([kvsmba02] * in Local intranet)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([pdocs] http in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([pdocsstg] http in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: companyhealthydirections.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: webex.com ([companyconnect] https in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([*.labs] * in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([*.pr] * in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([*.pri] * in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([*.wai] * in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([*.war] * in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([vanweb.labs] http in Trusted sites)
O15 - HKU\S-1-5-21-436374069-879983540-682003330-508785\..Trusted Domains: company.com ([webex] https in Trusted sites)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.mi...b?1287103824578 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8D5D65AC-273D-491E-8874-BBB4B63DEA67}
http://ecf.company.c...033/DSigRes.cab (DigitalSignatures Resources Control Class)
O16 - DPF: {CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
http://java.sun.com/...-131_01-win.cab (Java Plug-in 1.3.1_01)
O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_01)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {FCADE536-93F5-4577-80A3-E7C32FAC4C7D}
http://qualitycenter...in/Spider10.cab (Loader Class v5)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = amer.company.com
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (tvt_gina.dll) - C:\WINDOWS\System32\tvt_gina.dll (Lenovo)
O20 - Winlogon\Notify\ATFUS: DllName - C:\WINDOWS\system32\FpWinLogonNp.dll - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\NotLog: DllName - SGLogEx.dll - C:\WINDOWS\System32\SGLogEx.dll (Utimaco Safeware AG)
O20 - Winlogon\Notify\psfus: DllName - C:\WINDOWS\system32\psqlpwd.dll - C:\WINDOWS\system32\psqlpwd.dll (UPEK Inc.)
O20 - Winlogon\Notify\SGLogNotification: DllName - SGLogNotification.dll - C:\WINDOWS\System32\SGLogNotification.dll (Utimaco Safeware AG)
O20 - Winlogon\Notify\tpfnf2: DllName - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll - C:\Program Files\Lenovo\HOTKEY\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - C:\Program Files\Lenovo\HOTKEY\tphklock.dll - C:\Program Files\Lenovo\HOTKEY\tphklock.dll (Lenovo Group Limited)
O24 - Desktop WallPaper: C:\Documents and Settings\mattM02\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\mattM02\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/21 15:39:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: McAfeeEngineService - C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: WebrootSpySweeperService - Reg Error: Value error.
SafeBootMin: WRConsumerService - Reg Error: Value error.
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: client32 - C:\Program Files\NetSupport\NetSupport Manager\client32.exe (NetSupport Ltd)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WebrootSpySweeperService - Reg Error: Value error.
SafeBootNet: WRConsumerService - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {00001111-45A3-4914-4DBA-B25D54854CE3} - C:\WINDOWS\company\IETRUS~1.0\PerUser.exe
ActiveX: {08538B4C-105A-4BD5-E8B4-8F0BC1038940} - C:\WINDOWS\company\OFFICE~1\PerUser.exe /S
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {0EEB34F6-991D-4a1b-8EEB-772DA0EADB22} - Microsoft Office Communicator 2005
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {10EFA767-8710-400C-AD8F-88CB6DD5F5C4} - C:\WINDOWS\company\OFFICE~1.0\PerUser.exe /S
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {17599311-A6DA-459A-6493-D3F804FB1AA0} - C:\WINDOWS\company\BOXIR2~1.5SP\PerUser.exe /S
ActiveX: {1988BFB9-8BC7-4F91-2EA1-721AC254551D} - C:\WINDOWS\company\PHOTOS~1\PerUser.exe /S
ActiveX: {1F0A5400-614B-4C41-8DB0-79C45B014F75} - C:\WINDOWS\company\NETMEE~1.01\PerUser.exe /S
ActiveX: {1FFED32A-26D0-49CC-06AA-30A1355945CD} - C:\WINDOWS\company\IEPROX~1.0\PerUser.exe
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2A255F0E-D91A-4644-97A4-0553F1C8A0B5} - C:\WINDOWS\company\LenovoFPS\PerUser.exe /S
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {363A1B14-2EA2-4CF0-FD8D-CAACBA670BF3} - C:\WINDOWS\company\ACROBA~1.0\PerUser.exe /S
ActiveX: {36563AB8-5AAA-4C6E-72BE-411B5F247109} - C:\WINDOWS\company\FLASHA~1\PerUser.exe /S
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3AC2D64A-733F-4B78-6C8D-A71005E4D18} - C:\WINDOWS\company\JRE160~1.12\PerUser.exe /S
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4B9C1B32-D4EF-4453-A5B5-E5AAC3A862C3} - C:\WINDOWS\company\FLASHS~1.0\PerUser.exe /S
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {573DBEA3-5487-4220-E8AA-F870A5D66C7B} - C:\WINDOWS\company\FIBERL~1.6\PerUser.exe /S
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - Windows Messenger 5.1
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5D2DE268-1C82-4BD0-539B-A90BD98FDE12} - C:\WINDOWS\company\companyI~1.0\PerUser.exe /S
ActiveX: {5FC4E575-FDA7-4CA9-36A1-E89EBFA5C8F0} - \PerUser.exe /S
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {620514D4-CAEE-46A6-908C-4ABB2F37CE25} - C:\WINDOWS\company\OUTLOO~2.0\PerUser.exe /S
ActiveX: {625F8360-1E32-4ABB-B8A6-F1FB8FCAF672} - C:\WINDOWS\company\Office Communicator 2005 1.0.559\PerUser.exe /S
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {64BDDD02-24A3-44E9-A481-4A9F83FCCB74} - C:\WINDOWS\company\TOOLBA~1.1\PerUser.exe /S
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6C6036C5-CCBF-426B-EFB8-56B22548B74C} - C:\WINDOWS\company\PGPCUS~1.0\PerUser.exe /S
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {751226CF-45A3-4914-4DBA-B25D54854CE3} - C:\WINDOWS\company\IETRUS~1.0\PerUser.exe
ActiveX: {7648A138-67EB-4395-CBB3-2C4F1D504F2E} - C:\WINDOWS\company\IEPOPU~1.0\PerUser.exe
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {7C7CD628-A712-4F9B-D8BE-FDF36AC6297C} - C:\Drivers\APPS\PerUser.exe /S
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A3F41FC6-8282-4c1d-BED5-2582250EC54F} - C:\WINDOWS\company\PCODES~1.0F\PerUser.exe
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{638F981D-A81F-4B0B-9919-E532B1EE7BE5} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: >{78432C13-E129-47FB-FB98-736CE2B9CFB7} - C:\WINDOWS\company\OUTLOO~1.0\PerUser.exe
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{FEEFFEB8-58E2-4E60-E4A2-20103AC7C47C} - C:\WINDOWS\company\FIBERL~1.6\PerUser2.exe /S
ActiveX: >{FFFF2021-2040-4C4C-64AA-9DEC6A2CD8C1} - C:\WINDOWS\company\PCODEI~1.0\PerUser.exe /S
ActiveX: >{FFFFF312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\company\WINDOW~1\PerUser.exe
ActiveX: >{FFFFFFBE-EB18-45CE-8AAC-3FB10D2EE027} - C:\WINDOWS\company\INTERN~1.0\PerUser.exe
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
========== Files/Folders - Created Within 90 Days ========== [2099/01/01 12:00:00 | 003,782,822 | ---- | C] (DownloadHelper ) -- \\mopcitnas06\mattm02$\My Documents\ConvertHelperSetup.exe
[2099/01/01 12:00:00 | 000,000,000 | --SD | C] -- \\mopcitnas06\mattm02$\My Documents\SharePoint Drafts
[2099/01/01 12:00:00 | 000,000,000 | --SD | C] -- \\mopcitnas06\mattm02$\My Documents\My Web Sites
[2099/01/01 12:00:00 | 000,000,000 | --SD | C] -- \\mopcitnas06\mattm02$\My Documents\My Shapes
[2099/01/01 12:00:00 | 000,000,000 | --SD | C] -- \\mopcitnas06\mattm02$\My Documents\My Data Sources
[2099/01/01 12:00:00 | 000,000,000 | R--D | C] -- \\mopcitnas06\mattm02$\My Documents\My Pictures
[2099/01/01 12:00:00 | 000,000,000 | R--D | C] -- \\mopcitnas06\mattm02$\My Documents\My Music
[2099/01/01 12:00:00 | 000,000,000 | -HSD | C] -- \\mopcitnas06\mattm02$\My Documents\RECYCLER
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\Wireless
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\WebEx
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\VMCLite
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\Visual Studio 2005
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\Updater5
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\SyncToyData
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\Snagit Stamps
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\SnagIt Catalog
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\Snagit
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\pfe
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\My Videos
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\My Oce Printer Driver Templates
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\My Meetings
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\My Maps
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\My eBooks
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\My Business Objects Documents
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\mjm - old
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\Microsoft Visual Studio Tools for Applications
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\InfoPath Projects
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\eRoom Files for Offline Editing
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\Downloads
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\BlackBerry
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- \\mopcitnas06\mattm02$\My Documents\Adobe PDF 6.0
[2010/10/16 11:42:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\mattM02\Recent
[2010/10/16 10:52:52 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/10/16 10:06:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/10/16 09:52:44 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010/10/16 01:29:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/10/16 01:25:38 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/10/16 01:25:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/10/16 01:25:36 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/10/16 01:25:36 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/10/16 01:25:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/16 01:25:15 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/10/16 01:24:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/16 01:24:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/10/15 16:29:21 | 000,000,000 | ---D | C] -- C:\2060e3e07a73307b53
[2010/10/15 10:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Webroot
[2010/10/15 08:54:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mattM02\Application Data\Office Genuine Advantage
[2010/10/15 08:23:37 | 000,040,328 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\HIPIS0e011b3.dll
[2010/10/14 22:40:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-HK
[2010/10/14 22:37:31 | 000,532,480 | ---- | C] (Trend Micro Incorporated) -- C:\Documents and Settings\mattM02\Desktop\cwshredder.exe
[2010/10/14 19:14:46 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/10/14 19:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mattM02\Local Settings\Application Data\PackageAware
[2010/10/14 19:00:06 | 005,837,848 | ---- | C] (Webroot Software, Inc. ) -- C:\Documents and Settings\mattM02\Desktop\WRInstallSnr_99999.exe
[2010/10/13 13:09:10 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\Server
[2010/09/11 18:34:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2010/09/11 18:33:58 | 000,000,000 | ---D | C] -- C:\Program Files\FreeRIP3
[2010/09/07 10:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Roxio
[2010/09/07 10:59:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mattM02\Application Data\Roxio
[2010/09/07 10:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mattM02\Application Data\InstallShield
[2010/09/07 10:52:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010/09/07 10:49:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2010/09/07 10:49:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2010/08/26 10:38:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mattM02\Application Data\webex
[2010/08/26 10:37:43 | 000,036,864 | ---- | C] (WebEx Communications, Inc) -- C:\Documents and Settings\mattM02\atwbxdet.dll
[2010/08/16 13:23:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010/08/15 12:55:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mattM02\Application Data\CVS
[2010/08/15 12:55:39 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\mattM02\*.tmp files -> C:\Documents and Settings\mattM02\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 \\mopcitnas06\mattm02$\My Documents\*.tmp files -> \\mopcitnas06\mattm02$\My Documents\*.tmp -> ]
========== Files - Modified Within 90 Days ========== [2010/10/17 18:22:49 | 000,040,866 | ---- | M] () -- C:\WINDOWS\System32\api_hook_list.dat
[2010/10/17 18:19:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/17 18:19:44 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/10/17 18:19:38 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/17 18:18:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/17 18:18:40 | 2072,010,752 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/17 18:18:37 | 000,000,008 | ---- | M] () -- C:\WINDOWS\System32\pcisys.ntk
[2010/10/17 18:13:01 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2010/10/17 17:53:07 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-879983540-682003330-508785UA.job
[2010/10/17 17:52:01 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/17 08:33:06 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7064549A-867A-4424-B1B6-1B44E64DA9AF}.job
[2010/10/16 11:45:28 | 000,002,287 | ---- | M] () -- C:\Documents and Settings\mattM02\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/16 11:02:26 | 000,080,542 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\cc_20101016_110205.reg
[2010/10/16 02:20:29 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/16 01:29:30 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010/10/15 18:05:50 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\gmer.exe
[2010/10/15 12:53:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-879983540-682003330-508785Core.job
[2010/10/15 09:41:54 | 000,461,076 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/15 09:41:54 | 000,077,704 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/15 08:23:10 | 000,255,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 22:37:33 | 000,532,480 | ---- | M] (Trend Micro Incorporated) -- C:\Documents and Settings\mattM02\Desktop\cwshredder.exe
[2010/10/14 19:00:14 | 005,837,848 | ---- | M] (Webroot Software, Inc. ) -- C:\Documents and Settings\mattM02\Desktop\WRInstallSnr_99999.exe
[2010/10/14 17:14:03 | 000,007,305 | ---- | M] () -- C:\WirelessDiagLog.csv
[2010/10/14 12:45:31 | 000,023,933 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Governance and Operations Team Status Report.docx
[2010/10/14 12:33:04 | 000,025,371 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Governance and Operations Team Status Report.dotx
[2010/10/12 10:34:07 | 000,062,464 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\Gridiron Games Flyer 2010 - FINAL.doc
[2010/10/11 19:23:27 | 000,149,024 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Demand Management Monthly Report - October 2010.pptx
[2010/10/11 14:48:16 | 000,084,490 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation by Business Process Cluster.xlsm
[2010/10/08 15:19:27 | 000,060,348 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\16 Sept Marketing Resource Utiliziation by Business Process Cluster.xlsx
[2010/10/08 15:19:27 | 000,000,165 | -H-- | M] () -- C:\Documents and Settings\mattM02\Desktop\~$16 Sept Marketing Resource Utiliziation by Business Process Cluster.xlsx
[2010/10/08 14:29:17 | 000,081,408 | ---- | M] () -- C:\Documents and Settings\mattM02\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/08 12:20:08 | 000,647,085 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource and Demand Management - TL Discussion - 20101008.pptx
[2010/10/08 12:20:05 | 000,000,165 | -H-- | M] () -- C:\Documents and Settings\mattM02\Desktop\~$US SMSC Resource and Demand Management - TL Discussion - 20101008.pptx
[2010/10/08 09:59:37 | 000,000,165 | -H-- | M] () -- C:\Documents and Settings\mattM02\Desktop\~$US SMSC Project Approval Workflow.pptx
[2010/10/08 09:04:51 | 000,902,536 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\CXI_Services_Capabilities Matt.pptx
[2010/10/06 16:32:07 | 000,102,477 | ---- | M] () -- \\mopcitnas06\mattm02$\My Documents\DELETE.CSV
[2010/10/06 16:31:52 | 000,038,506 | ---- | M] () -- C:\Documents and Settings\mattM02\Application Data\Comma Separated Values (Windows).ADR
[2010/10/06 09:50:33 | 001,450,552 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\IMW14324USEN.PDF
[2010/10/05 16:25:00 | 000,420,605 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101014-185119.backup
[2010/10/05 12:22:30 | 000,029,655 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\Pre-Work for October 3 Day Work Session - WBB BT.docx
[2010/10/04 16:02:44 | 000,383,939 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Project Approval Workflow.pptx
[2010/10/03 22:53:21 | 000,010,304 | RHS- | M] () -- C:\Documents and Settings\mattM02\ntuser.pol
[2010/09/29 09:58:35 | 000,409,600 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\Risk Based Testing Process Rel Diagram with Bus Processes.vsd
[2010/09/29 09:58:09 | 000,118,393 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\Risk Based Testing and Verification Process Building Diagram.pptx
[2010/09/29 09:57:08 | 000,407,040 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\Guidelines for Risk Based Testing Process.doc
[2010/09/28 18:21:34 | 000,475,648 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\Risk Based Testing and Verification Process SOP.doc
[2010/09/28 18:00:29 | 000,016,423 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Governance and Operations - 60 Day Plan - 20100928.xlsx
[2010/09/28 15:23:53 | 000,013,770 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\60 Day Plan.xlsx
[2010/09/27 16:51:37 | 000,452,608 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\SMSC Project Approval Request - PROJECT NAME - YYYYMMDD.ppt
[2010/09/24 10:35:40 | 001,721,344 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\Risk Approach Pre-Work Summary for 20-Sep-2010.ppt
[2010/09/23 15:43:59 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/21 11:56:17 | 000,499,200 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\2011 Project Portfolio - US.ppt
[2010/09/20 10:13:39 | 000,419,429 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20101005-162500.backup
[2010/09/17 17:38:25 | 000,009,192 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010/09/17 15:39:21 | 000,820,548 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\SMSC Contractor Analysis - 20100914.pptx
[2010/09/17 01:56:36 | 000,025,970 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Governance and Operations Team Status Report 20100917.docx
[2010/09/16 20:50:04 | 000,003,132 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\Event_Calendar_Roll-Up.dwp
[2010/09/16 15:40:09 | 000,023,971 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\GIDM SMSC Contractor Data - Sept 07 2010.xlsx
[2010/09/15 15:36:18 | 000,013,925 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\Traditional Commercial Business Model Process Definitions.xlsx
[2010/09/14 10:25:56 | 000,369,098 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\SMSC Project Communication Template.pptx
[2010/09/11 18:42:48 | 000,000,033 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2010/09/11 18:42:46 | 000,000,090 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010/09/11 18:34:09 | 000,001,264 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ss.ini
[2010/09/09 01:22:30 | 000,136,512 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\System32\KevlarSigs.dll
[2010/09/08 14:56:52 | 000,076,437 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US_SMSC_Resource_Utiliziation_by_Business_Process_Cluster.xlsx
[2010/09/03 11:53:46 | 000,144,685 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\smsc resource and demand mgmt.jpg
[2010/08/26 10:37:43 | 000,036,864 | ---- | M] (WebEx Communications, Inc) -- C:\Documents and Settings\mattM02\atwbxdet.dll
[2010/08/23 07:55:33 | 000,000,455 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2010/08/17 13:01:53 | 001,076,436 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\SMSC Organization Structure.pptx
[2010/08/13 17:10:16 | 000,416,709 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100920-101339.backup
[2010/08/04 23:24:41 | 000,069,114 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation by Business Process Cluster.xlsx
[2010/08/04 23:24:41 | 000,069,114 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation by Business Process Cluster - 20100803.xlsx
[2010/08/04 16:04:25 | 000,069,233 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation by Business Process Cluster - YYYYMMDD.xlsx
[2010/08/02 15:56:13 | 000,077,152 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation.xlsm
[2010/08/02 13:08:31 | 000,070,249 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation.xlsx
[2010/07/25 14:54:28 | 000,432,735 | ---- | M] () -- \\mopcitnas06\mattm02$\My Documents\SMSC GIDM Data - 20100713.xlsx
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\mattM02\*.tmp files -> C:\Documents and Settings\mattM02\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 \\mopcitnas06\mattm02$\My Documents\*.tmp files -> \\mopcitnas06\mattm02$\My Documents\*.tmp -> ]
========== Files Created - No Company Name ========== [2099/01/01 12:00:00 | 672,482,304 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\outlook.ost
[2099/01/01 12:00:00 | 006,976,189 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\Backup-(2008-05-09).ipd
[2099/01/01 12:00:00 | 002,359,296 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\My Money.mny
[2099/01/01 12:00:00 | 001,537,536 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\CDP Overview.ppt
[2099/01/01 12:00:00 | 001,334,784 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\2008 04 11 - SSO Implementation and Overview Document - KF.ppt
[2099/01/01 12:00:00 | 001,331,712 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\2008 04 11 - SSO Implementation and Overview Document - WA.ppt
[2099/01/01 12:00:00 | 001,001,898 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\2.pptx
[2099/01/01 12:00:00 | 000,763,607 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\4.pptx
[2099/01/01 12:00:00 | 000,623,799 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\CUE Release Management - 091012.pptx
[2099/01/01 12:00:00 | 000,600,307 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\SFA Operating Expense Comparison - ECMS vs CUE vs Legacy company (SalesWorks) - 100112.pptx
[2099/01/01 12:00:00 | 000,548,474 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\CUE PMO - Proposed Service Operation Report Template and Medical Update.pptx
[2099/01/01 12:00:00 | 000,432,735 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\SMSC GIDM Data - 20100713.xlsx
[2099/01/01 12:00:00 | 000,355,897 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\Mapping Matrix 2-22-10 -mm.xlsx
[2099/01/01 12:00:00 | 000,253,544 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\cc_20090809_222659.reg
[2099/01/01 12:00:00 | 000,102,477 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\DELETE.CSV
[2099/01/01 12:00:00 | 000,087,114 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\MMX7RegistryBackup_11-7-2009_12.10.59.reg
[2099/01/01 12:00:00 | 000,078,380 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\ECMS - Service Delivery Memo - March 2008.pdf
[2099/01/01 12:00:00 | 000,043,008 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\CUE Goals to Objectives.xls
[2099/01/01 12:00:00 | 000,012,504 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\CP-SH - MM Updates.xlsx
[2099/01/01 12:00:00 | 000,011,437 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\Red Box - Ed Gemo - 20100409 Updates.xlsx
[2099/01/01 12:00:00 | 000,009,009 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\4-1c Tickets.xlsx
[2099/01/01 12:00:00 | 000,000,000 | ---- | C] () -- \\mopcitnas06\mattm02$\My Documents\EPM_Module_1.0_Overview.ppt
[2010/10/17 18:22:40 | 000,040,866 | ---- | C] () -- C:\WINDOWS\System32\api_hook_list.dat
[2010/10/17 17:51:15 | 2072,010,752 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/17 17:49:34 | 000,001,024 | ---- | C] () -- C:\.rnd
[2010/10/17 08:53:45 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\gmer.exe
[2010/10/16 11:45:28 | 000,002,287 | ---- | C] () -- C:\Documents and Settings\mattM02\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/16 11:02:10 | 000,080,542 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\cc_20101016_110205.reg
[2010/10/16 01:29:30 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/10/16 01:29:27 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/10/16 01:25:39 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/10/16 01:25:36 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/10/16 01:25:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/10/16 01:25:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/10/16 01:25:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/10/14 17:13:37 | 000,007,305 | ---- | C] () -- C:\WirelessDiagLog.csv
[2010/10/14 12:33:04 | 000,025,371 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Governance and Operations Team Status Report.dotx
[2010/10/14 12:15:45 | 000,023,933 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Governance and Operations Team Status Report.docx
[2010/10/12 10:34:06 | 000,062,464 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\Gridiron Games Flyer 2010 - FINAL.doc
[2010/10/11 14:48:15 | 000,084,490 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation by Business Process Cluster.xlsm
[2010/10/11 12:21:52 | 000,149,024 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Demand Management Monthly Report - October 2010.pptx
[2010/10/08 15:19:27 | 000,060,348 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\16 Sept Marketing Resource Utiliziation by Business Process Cluster.xlsx
[2010/10/08 15:19:27 | 000,000,165 | -H-- | C] () -- C:\Documents and Settings\mattM02\Desktop\~$16 Sept Marketing Resource Utiliziation by Business Process Cluster.xlsx
[2010/10/08 12:20:05 | 000,647,085 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource and Demand Management - TL Discussion - 20101008.pptx
[2010/10/08 12:20:05 | 000,000,165 | -H-- | C] () -- C:\Documents and Settings\mattM02\Desktop\~$US SMSC Resource and Demand Management - TL Discussion - 20101008.pptx
[2010/10/08 09:59:37 | 000,000,165 | -H-- | C] () -- C:\Documents and Settings\mattM02\Desktop\~$US SMSC Project Approval Workflow.pptx
[2010/10/08 09:04:49 | 000,902,536 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\CXI_Services_Capabilities Matt.pptx
[2010/10/06 16:31:52 | 000,038,506 | ---- | C] () -- C:\Documents and Settings\mattM02\Application Data\Comma Separated Values (Windows).ADR
[2010/10/06 09:50:28 | 001,450,552 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\IMW14324USEN.PDF
[2010/10/04 09:01:23 | 000,383,939 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Project Approval Workflow.pptx
[2010/09/29 09:58:35 | 000,409,600 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\Risk Based Testing Process Rel Diagram with Bus Processes.vsd
[2010/09/29 09:58:08 | 000,118,393 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\Risk Based Testing and Verification Process Building Diagram.pptx
[2010/09/29 09:57:08 | 000,407,040 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\Guidelines for Risk Based Testing Process.doc
[2010/09/29 09:56:54 | 000,475,648 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\Risk Based Testing and Verification Process SOP.doc
[2010/09/28 18:31:01 | 000,029,655 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\Pre-Work for October 3 Day Work Session - WBB BT.docx
[2010/09/28 15:24:27 | 000,016,423 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Governance and Operations - 60 Day Plan - 20100928.xlsx
[2010/09/28 15:23:53 | 000,013,770 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\60 Day Plan.xlsx
[2010/09/24 10:35:37 | 001,721,344 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\Risk Approach Pre-Work Summary for 20-Sep-2010.ppt
[2010/09/20 17:25:34 | 000,499,200 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\2011 Project Portfolio - US.ppt
[2010/09/17 15:39:20 | 000,820,548 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\SMSC Contractor Analysis - 20100914.pptx
[2010/09/17 01:57:03 | 000,025,970 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Governance and Operations Team Status Report 20100917.docx
[2010/09/16 20:50:09 | 000,003,132 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\Event_Calendar_Roll-Up.dwp
[2010/09/16 15:40:09 | 000,023,971 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\GIDM SMSC Contractor Data - Sept 07 2010.xlsx
[2010/09/15 15:35:42 | 000,013,925 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\Traditional Commercial Business Model Process Definitions.xlsx
[2010/09/14 10:30:39 | 000,452,608 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\SMSC Project Approval Request - PROJECT NAME - YYYYMMDD.ppt
[2010/09/14 10:25:56 | 000,369,098 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\SMSC Project Communication Template.pptx
[2010/09/11 18:42:48 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2010/09/11 18:36:46 | 000,000,090 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/09/11 18:34:09 | 000,001,264 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ss.ini
[2010/09/08 14:56:54 | 000,076,437 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US_SMSC_Resource_Utiliziation_by_Business_Process_Cluster.xlsx
[2010/09/07 10:54:03 | 000,000,344 | ---- | C] () -- C:\Documents and Settings\mattM02\Application Data\BBMS_EXCEPTION.txt
[2010/09/07 09:44:20 | 000,000,077 | ---- | C] () -- C:\Documents and Settings\mattM02\Application Data\Rim.Desktop.Exception.log
[2010/09/03 11:48:29 | 000,144,685 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\smsc resource and demand mgmt.jpg
[2010/08/17 13:01:50 | 001,076,436 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\SMSC Organization Structure.pptx
[2010/08/16 13:24:06 | 000,000,857 | ---- | C] () -- C:\Documents and Settings\mattM02\Application Data\Rim.Desktop.HttpServerSetup.log
[2010/08/04 16:09:29 | 000,069,114 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation by Business Process Cluster.xlsx
[2010/08/04 16:09:29 | 000,069,114 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation by Business Process Cluster - 20100803.xlsx
[2010/08/02 21:44:46 | 000,069,233 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation by Business Process Cluster - YYYYMMDD.xlsx
[2010/08/02 15:56:11 | 000,077,152 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation.xlsm
[2010/07/20 14:44:12 | 000,070,249 | ---- | C] () -- C:\Documents and Settings\mattM02\Desktop\US SMSC Resource Utiliziation.xlsx
[2010/07/08 10:32:03 | 000,091,154 | ---- | C] () -- C:\WINDOWS\System32\CcmFramework.ini
[2010/07/08 10:09:10 | 000,000,223 | ---- | C] () -- C:\WINDOWS\mercury.ini
[2010/05/10 08:02:10 | 000,000,990 | -HS- | C] () -- C:\Documents and Settings\mattM02\Application Data\systemfl.$dk
[2010/01/31 16:49:09 | 000,001,362 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2010/01/30 18:53:04 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\mattM02\Local Settings\Application Data\keyfile3.drm
[2009/10/19 22:36:04 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SgHtmHlp040C.Dll
[2009/10/19 22:36:04 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SgHtmHlp0409.Dll
[2009/10/19 22:36:04 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SgHtmHlp0407.Dll
[2009/10/19 22:36:04 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SgeMigWz040C.DLL
[2009/10/19 22:36:04 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SgeMigWz0407.DLL
[2009/10/19 22:36:01 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\SgeCompConfig.dll
[2009/10/19 22:36:01 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\SGE_MSG0409.dll
[2009/10/19 22:36:01 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\SgeCtlps.Dll
[2009/10/19 22:36:01 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\SgeComp040C.dll
[2009/10/19 22:36:01 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\SgeComp0409.dll
[2009/10/19 22:36:01 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\SgeComp0407.dll
[2009/10/19 22:36:01 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\SgeAdm040C.dll
[2009/10/19 22:36:01 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\SgeAdm0407.dll
[2009/10/19 22:36:01 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SgeDrse040C.dll
[2009/10/19 22:36:01 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SgeDrse0407.dll
[2009/10/19 22:36:01 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SGECRYPT040C.Dll
[2009/10/19 22:36:01 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SGECRYPT0407.Dll
[2009/10/19 22:36:01 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SgeAdm0409.dll
[2009/10/19 22:36:00 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SGE_ERR040C.dll
[2009/10/19 22:36:00 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SGE_ERR0409.dll
[2009/10/19 22:36:00 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SGE_ERR0407.dll
[2009/10/19 22:36:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SGE_MSG040C.dll
[2009/10/19 22:36:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SGE_MSG0407.dll
[2009/10/19 22:36:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\SecClassFactoryPs.dll
[2009/10/19 22:36:00 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\PropManager040C.dll
[2009/10/19 22:36:00 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\PropManager0407.dll
[2009/10/19 22:36:00 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\propmanager0409.dll
[2009/10/19 22:36:00 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\Evt_Msg040C.dll
[2009/10/19 22:36:00 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\Evt_Msg0407.dll
[2009/10/19 22:36:00 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\EDWizard0407.Dll
[2009/10/19 22:36:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SGE_INFO040C.dll
[2009/10/19 22:36:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SGE_INFO0409.dll
[2009/10/19 22:36:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SGE_INFO0407.dll
[2009/10/19 22:36:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SgChall040C.Dll
[2009/10/19 22:36:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\SgChall0407.Dll
[2009/10/19 22:36:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\Evt_Msg0409.dll
[2009/10/19 22:35:59 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\WksCfgSrvps.dll
[2009/10/19 22:35:59 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\EDWizard040C.Dll
[2009/10/19 22:35:59 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\DCOMSec0409.dll
[2009/10/19 22:35:59 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\EcView040C.dll
[2009/10/19 22:35:59 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\EcView0407.dll
[2009/10/19 22:35:59 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\CHGSAL040C.Dll
[2009/10/19 22:35:59 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\CHGSAL0407.Dll
[2009/09/26 19:58:47 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2009/09/22 16:20:47 | 000,001,136 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2009/09/21 14:49:30 | 000,081,408 | ---- | C] () -- C:\Documents and Settings\mattM02\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/16 13:39:56 | 005,243,345 | ---- | C] () -- C:\Documents and Settings\mattM02\Local Settings\Application Data\OfflineVaultPH.log
[2009/09/16 08:39:46 | 000,048,586 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xpif-v02030a.dtd
[2009/09/16 04:31:30 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009/09/16 04:31:29 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009/09/16 04:31:29 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009/09/16 04:31:29 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009/09/16 04:31:29 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009/09/16 04:31:29 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009/09/16 04:30:49 | 000,000,184 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/09/16 04:27:10 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2009/09/16 04:26:33 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2009/09/15 16:43:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/09/15 16:23:07 | 000,000,218 | ---- | C] () -- C:\WINDOWS\ORAODBC.INI
[2009/09/15 16:09:47 | 005,243,027 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\OfflineVaultPH.log
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/11/13 16:38:05 | 000,000,455 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/10/22 14:15:12 | 000,036,912 | ---- | C] () -- C:\WINDOWS\System32\pcimsg.dll
[2008/10/22 14:15:12 | 000,020,536 | ---- | C] () -- C:\WINDOWS\System32\pcivdd.dll
[2008/10/21 18:16:49 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2008/10/21 16:22:46 | 000,000,344 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.ini
[2008/10/21 11:28:21 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/09/05 14:14:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4990.dll
[2007/08/16 16:17:50 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2007/01/03 11:24:36 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/01/03 11:22:46 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/01/03 11:22:14 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/09/29 20:52:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\jdde.dll
[2005/12/21 17:57:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2005/12/21 17:54:34 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
[2005/09/22 13:16:12 | 000,051,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2005/03/31 11:27:18 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\SGCleanLocalGPO.dll
[2004/05/24 18:33:18 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\ArcotOCSPUtil.dll
[2004/04/02 14:01:22 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\HPB1320V.DLL
[2002/03/13 15:46:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2001/07/31 10:17:12 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
========== LOP Check ========== [2010/09/11 18:34:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2009/09/17 10:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2009/09/15 17:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lenovo
[2008/10/22 14:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NetSupport
[2009/09/16 04:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Network Associates
[2009/11/30 15:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\company
[2010/09/07 10:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2009/09/16 15:13:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2009/09/16 04:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UIB
[2010/03/08 18:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/04/28 09:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\Amazon
[2010/05/04 08:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/08/15 13:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\CVS
[2009/09/16 08:30:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\eRoom
[2009/10/14 09:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\evoffline3x
[2009/09/23 11:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\InterVideo
[2009/09/27 10:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\KeePass
[2009/09/16 08:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\Lenovo
[2010/09/07 09:44:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\Research In Motion
[2010/08/27 18:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\Tether
[2010/09/29 09:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\webex
[2009/09/16 08:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mattM02\Application Data\Windows Desktop Search
[2010/10/17 18:13:01 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2010/10/17 08:33:06 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7064549A-867A-4424-B1B6-1B44E64DA9AF}.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2010/10/17 18:19:44 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/05/04 08:00:28 | 000,002,460 | ---- | M] () -- C:\aaw7boot.log
[2009/11/05 08:27:01 | 000,085,464 | ---- | M] () -- C:\AMRNYCLL3CCC3N_AMRNYCLL3CCC3N.csv
[2008/10/21 15:39:58 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/05/24 09:10:46 | 000,077,856 | ---- | M] () -- C:\BACKUP.svf
[2009/09/16 04:17:30 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/10/16 01:29:30 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2010/10/16 02:26:26 | 000,370,224 | ---- | M] () -- C:\ComboFix.txt
[2008/10/21 15:39:58 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010/10/17 18:18:40 | 2072,010,752 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2008/10/21 15:39:58 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/10/17 18:19:35 | 000,097,054 | ---- | M] () -- C:\Log.txt
[2010/09/20 10:39:10 | 000,000,109 | ---- | M] () -- C:\mbam-error.txt
[2008/10/21 15:39:58 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 05:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/10/17 18:18:38 | 3106,930,688 | -HS- | M] () -- C:\pagefile.sys
[2008/05/26 10:09:38 | 000,271,360 | ---- | M] () -- C:\Personal Folders.pst
[2008/05/13 14:43:18 | 000,120,395 | ---- | M] () -- C:\PerUser.exe
[2007/09/05 13:41:14 | 000,220,358 | ---- | M] () -- C:\SGEASY.exe
[2007/09/05 13:41:14 | 000,040,882 | ---- | M] () -- C:\SGEASY.hmf
[2007/09/05 13:41:12 | 000,075,728 | ---- | M] () -- C:\SGECRYPT.mod
[2007/09/05 13:41:12 | 000,070,200 | ---- | M] () -- C:\SGEKRNL.mod
[2007/09/05 13:41:12 | 000,005,584 | ---- | M] () -- C:\SGENLS.mod
[2010/05/10 08:03:24 | 000,000,605 | ---- | M] () -- C:\Sys_LogWin.log
[2010/10/16 01:14:28 | 000,003,078 | ---- | M] () -- C:\TDSSKiller.2.4.4.0_16.10.2010_00.35.43_log.txt
[2010/10/16 01:23:51 | 000,003,078 | ---- | M] () -- C:\TDSSKiller.2.4.4.0_16.10.2010_01.23.41_log.txt
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2010/10/14 17:14:03 | 000,007,305 | ---- | M] () -- C:\WirelessDiagLog.csv
< %systemroot%\Fonts\*.com >[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
< %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini >[2008/10/21 15:39:09 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* >[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/04/04 21:01:40 | 000,272,896 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpcpp5r1.DLL
[2004/04/15 19:43:08 | 000,061,952 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HPZPP041.DLL
[2008/05/30 16:29:56 | 000,084,480 | ---- | M] (Microsoft Corporation.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lmdippr8.dll
[2006/10/26 19:58:12 | 000,030,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr > < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > < %PROGRAMFILES%\*.* > < %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav >[2008/10/21 11:26:35 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008/10/21 11:26:35 | 001,089,536 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008/10/21 11:26:35 | 000,909,312 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %PROGRAMFILES%\bak. /s > < %systemroot%\system32\bak. /s > < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[2008/10/21 15:40:07 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x > < %systemroot%\*.config > < %systemroot%\system32\*.db > < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[2009/09/16 08:31:53 | 000,000,060 | -HS- | M] () -- C:\Documents and Settings\mattM02\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2009/09/16 08:31:53 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\mattM02\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >[2010/10/14 22:37:33 | 000,532,480 | ---- | M] (Trend Micro Incorporated) -- C:\Documents and Settings\mattM02\Desktop\cwshredder.exe
[2010/10/15 18:05:50 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\mattM02\Desktop\gmer.exe
[2010/10/14 19:00:14 | 005,837,848 | ---- | M] (Webroot Software, Inc. ) -- C:\Documents and Settings\mattM02\Desktop\WRInstallSnr_99999.exe
< %PROGRAMFILES%\Common Files\*.* > < %systemroot%\*.src > < %systemroot%\install\*.* > < %systemroot%\system32\DLL\*.* > < %systemroot%\system32\HelpFiles\*.* > < %systemroot%\system32\rundll\*.* > < %systemroot%\winn32\*.* > < %systemroot%\Java\*.* >[2009/10/17 23:18:49 | 000,000,038 | ---- | M] () -- C:\WINDOWS\java\jagex_runescape_preferences.dat
[2009/10/17 20:25:16 | 000,000,045 | ---- | M] () -- C:\WINDOWS\java\jagex_runescape_preferences2.dat
< %systemroot%\system32\test\*.* > < %systemroot%\system32\Rundll32\*.* > < %systemroot%\AppPatch\Custom\*.* > < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x > < %PROGRAMFILES%\PC-Doctor\Downloads\*.* > < %PROGRAMFILES%\Internet Explorer\*.tmp > < %PROGRAMFILES%\Internet Explorer\*.dat > < %USERPROFILE%\My Documents\*.exe > < %USERPROFILE%\*.exe > < %systemroot%\ADDINS\*.* > < %systemroot%\assembly\*.bak2 > < %systemroot%\Config\*.* > < %systemroot%\REPAIR\*.bak2 > < %systemroot%\SECURITY\Database\*.sdb /x > < %systemroot%\SYSTEM\*.bak2 > < %systemroot%\Web\*.bak2 > < %systemroot%\Driver Cache\*.* > < %PROGRAMFILES%\Mozilla Firefox\0*.exe > < %ProgramFiles%\Microsoft Common\*.* > < %ProgramFiles%\TinyProxy. > < %USERPROFILE%\Favorites\*.url /x >[2009/09/16 08:31:53 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\mattM02\Favorites\Desktop.ini
< %systemroot%\system32\*.bk > < %systemroot%\*.te > < %systemroot%\system32\system32\*.* > < %ALLUSERSPROFILE%\*.dat /x >[2010/09/17 17:38:25 | 000,009,192 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
< %systemroot%\system32\drivers\*.rmv > < dir /b "%systemroot%\system32\*.exe" | find /i " " /c > < dir /b "%systemroot%\*.exe" | find /i " " /c > < %PROGRAMFILES%\Microsoft\*.* > < %systemroot%\System32\Wbem\proquota.exe > < %PROGRAMFILES%\Mozilla Firefox\*.dat > < %USERPROFILE%\Cookies\*.txt /x >[2010/05/16 13:40:39 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\mattM02\Cookies\desktop.ini
[2010/10/17 18:24:01 | 000,016,384 | -HS- | M] () -- C:\Documents and Settings\mattM02\Cookies\index.dat
< %SystemRoot%\system32\fonts\*.* > < %systemroot%\system32\winlog\*.* > < %systemroot%\system32\Language\*.* > < %systemroot%\system32\Settings\*.* > < %systemroot%\system32\*.quo > < %SYSTEMROOT%\AppPatch\*.exe > < %SYSTEMROOT%\inf\*.exe >[2007/06/26 22:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe
< %SYSTEMROOT%\Installer\*.exe > < %systemroot%\system32\config\*.bak2 > < %systemroot%\system32\Computers\*.* > < %SystemRoot%\system32\Sound\*.* > < %SystemRoot%\system32\SpecialImg\*.* > < %SystemRoot%\system32\code\*.* > < %SystemRoot%\system32\draft\*.* > < %SystemRoot%\system32\MSSSys\*.* > < %ProgramFiles%\Javascript\*.* > < %systemroot%\pchealth\helpctr\System\*.exe /s > < %systemroot%\Web\*.exe > < %systemroot%\system32\msn\*.* > < %systemroot%\system32\*.tro > < %AppData%\Microsoft\Installer\msupdates\*.* > < %ProgramFiles%\Messenger\*.exe >[2008/06/02 21:44:28 | 001,660,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\Msmsgs.exe
< %systemroot%\system32\systhem32\*.* > < %systemroot%\system\*.exe > < %USERPROFILE%\Templates\*.tmp > < %SYSTEMDRIVE%\explorexxx.exe\*.* > < %Windir%\Installer\*.tmp >[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
< %systemroot%\System32\*.xco > < %ProgramFiles%\system32\*.* > < %systemroot%\System32\windos\*.* > < %SystemRoot%\system32\sandbox\*.* > < %SystemRoot%\system32\*.amo > < %SystemRoot%\system32\Windows Live\*.* > < %ProgramFiles%\logs\*.* > < %ProgramFiles%\Bifrost\*.* > < %SystemRoot%\system32\*.goo > < %systemroot%\system32\IME\*.* > < %systemroot%\BackUp\*.* > < %systemroot%\system32\*.ico >[2005/03/14 01:01:38 | 000,008,478 | ---- | M] () -- C:\WINDOWS\system32\SP119.ICO
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system\*.dat > < %systemroot%\system\*.exe > < %AppData%\Macromedia\Common\*.* > < %SYSTEMDRIVE%\dir\*.* /s > < %systemroot%\system32\ras\*.exe > < %SYSTEMDRIVE%\MFILES\*.* > < %SYSTEMDRIVE%\mDNSRespon.exe\*.* > < %systemroot%\system32\services\*.* > < %systemroot%\Spooler\*.* > < %ProgramFiles%\system32\*.* > < %systemroot%\system32\Setup\*.dll /x > < %systemroot%\system32\*.mine > < %SYSTEMDRIVE%\cleansweep.exe\*.* > < %systemroot%\system32\ras\*.dll > < %systemroot%\system32\ras\*.drv > < %systemroot%\*.iq > < %systemroot%\system32\XP\*.* > < %SYSTEMDRIVE%\Extracted\*.* > < %systemroot%\system32\windows\*.* > < %systemroot%\logs\*.* >[2010/07/15 11:05:59 | 000,393,390 | ---- | M] () -- C:\WINDOWS\Logs\DirectX.log
< %SYSTEMDRIVE%\Win.Msi\*.* > < %systemroot%\regedit\*.* > < %systemroot%\system32\skype\*.* > < %AppData%\Adobe\dlluplwin25\*.* > < %UserProfile%\*.dat >[2010/02/06 22:23:12 | 000,000,039 | ---- | M] () -- C:\Documents and Settings\mattM02\jagex_runescape_preferences.dat
[2010/02/07 00:36:16 | 000,000,069 | ---- | M] () -- C:\Documents and Settings\mattM02\jagex_runescape_preferences2.dat
[2010/10/16 11:53:06 | 013,369,344 | ---- | M] () -- C:\Documents and Settings\mattM02\NTUSER.DAT
[2 C:\Documents and Settings\mattM02\*.tmp files -> C:\Documents and Settings\mattM02\*.tmp -> ]
< %UserProfile%\*.dll >[2010/08/26 10:37:43 | 000,036,864 | ---- | M] (WebEx Communications, Inc) -- C:\Documents and Settings\mattM02\atwbxdet.dll
[2 C:\Documents and Settings\mattM02\*.tmp files -> C:\Documents and Settings\mattM02\*.tmp -> ]
< %systemroot%\system32\*.sxo > < %SYSTEMDRIVE%\Gazma\*.* /s > < %systemroot%\system32\spynet\*.* > < %systemroot%\system32\System\*.* > < %appdata%\Microsoft\Windows\*.* > < %systemroot%\system32\WinDir\*.* > < %systemroot%\_\*.* > < %systemroot%\system32\windows32\*.* > < %ProgramFiles%\win\*.* > < %AppData%\Microsoft\CD Burning\*.* > < %systemroot%\*.cab > < %systemroot%\K.Backup\*.* > < %ProgramFiles%\Massenger\*.* > < %systemroot%\System32\*.doc > < %systemroot%\Office12\*.* > < %systemroot%\System32\Rundl32.exe\*.* > < %ProgramFiles%\yahoo.net\*.* > < %systemroot%\system32\*.igo > < %systemroot%\*.rew > < %systemroot%\System32\spool\DRIVERS\W32X86\3\*.exe >[2008/10/09 03:29:37 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPNRA.EXE
[2007/04/26 17:40:50 | 000,483,328 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\XBDSTAT.EXE
[2006/09/20 09:46:36 | 001,376,256 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\XFAXST32.EXE
[2006/09/20 09:46:46 | 000,827,392 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\XPHBK01.EXE
< %USERPROFILE%\.COMMgr\*.* > < %USERPROFILE%\Desktop\*.bat > < %PROGRAMFILES%\Common Files\Real\visualizations\*.* >[2009/10/13 19:47:00 | 000,043,008 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Visualizations\Annabelle.rpv
[2009/10/13 19:47:00 | 000,080,384 | ---- | M] () -- C:\Program Files\Common Files\Real\Visualizations\CosmicBelt.rpv
[2009/10/13 19:47:00 | 000,007,168 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Visualizations\Fire.rpv
[2009/10/13 19:47:00 | 000,007,680 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Visualizations\FreqBands.rpv
[2009/10/13 19:47:00 | 000,069,632 | ---- | M] () -- C:\Program Files\Common Files\Real\Visualizations\Nebula.rpv
< %PROGRAMFILES%\Internet Explorer\*.Jmp > < %PROGRAMFILES%\Windows NT\system\*.dll > < %systemroot%\system32\*.ext > < %systemroot%\system32\Com\*.cfg > < %systemroot%\system32\btz\*.* > < %systemroot%\system32\EMP\*.* > < %systemroot%\system32\expo\*.* > < %systemroot%\system32\inet2\*.* > < %systemroot%\system32\xrem\*.* > < %ProgramFiles%\Microsoft\*.* > < %systemroot%\usgwmt\*.* > < %ProgramFiles%\B\*.* > < %SYSTEMDRIVE%\lspp\*.* > < %systemroot%\Kral\*.* > < %SYSTEMDRIVE%\windowsdvd.exe\*.* > < %systemroot%\system32\*.ipo > < %SYSTEMDRIVE%\usxxxxxxxx.exe\*.* > < %systemroot%\system32\*.mof > < %systemroot%\*.atm > < %systemroot%\system32\svhost\*.* > < %ProgramFiles%\system32\*.* > < %ProgramFiles%\Docmentt\*.* > < %systemroot%\Help\*.vbs > < %ProgramFiles%\Windows WinSxs\*.* /s > < %ProgramFiles%\Outlook Express\IDT\*.* /s > < %ProgramFiles%\Microsoft Office\365\*.* /s > < %ProgramFiles%\Windows Live\*.* > < %systemroot%\system32\win32\*.* > < %SYSTEMDRIVE%\RECYCLER\*.* > < %systemroot%\Fresh1\*.* > < %ProgramFiles%\Kekj\*.* /s > < %systemroot%\GDU\*.* > < %systemroot%\KA\*.* > < %systemroot%\R\*.* > < %systemroot%\system32\*.fyo > < %USERPROFILE%\System\*.* > < %systemroot%\Source\*.* > < %systemroot%\system32\ac\*.* > < %ProgramFiles%\MSDN\*.* > < %AppData%\AdobeUM\winvcldll54\*.* /s > < %ProgramFiles%\Internet Explorer\*.ico > < %systemroot%\system32\*.ojo > < %systemroot%\system32\d323s\*.* > < %systemroot%\system32\re\*.* > < %UserProfile%\Microsoft\*.dll > < %UserProfile%\Microsoft\*.log > < %systemroot%\Bios\*.* > < %ProgramFiles%\Spool\*.* > < %ProgramFiles%\promp3\*.* > < %SYSTEMDRIVE%\Driver\*.* /s > < %SYSTEMDRIVE%\inetserver.exe\*.* > < %systemroot%\java\trustlib\*.* > < %ProgramFiles%\Common Files\designer\*.exe > < %ProgramFiles%\*. >[2010/06/21 12:00:06 | 000,000,000 | ---D | M] -- C:\Program Files\AAdvantage eShoppingSM Toolbar
[2010/05/04 08:57:45 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/04/28 09:47:04 | 000,000,000 | ---D | M] -- C:\Program Files\Amazon
[2010/01/31 16:48:06 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/09/15 16:07:00 | 000,000,000 | ---D | M] -- C:\Program Files\Arcot Systems
[2010/03/08 18:47:45 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/02/24 17:17:25 | 000,000,000 | ---D | M] -- C:\Program Files\Business Objects
[2010/10/16 01:24:43 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2008/10/22 14:07:30 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2010/10/16 01:36:13 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2008/10/21 15:35:47 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2009/09/16 04:16:34 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2009/09/16 04:24:57 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2010/04/22 09:39:34 | 000,000,000 | ---D | M] -- C:\Program Files\Educational Simulations
[2009/09/15 16:08:44 | 000,000,000 | ---D | M] -- C:\Program Files\Enterprise Vault
[2010/07/09 08:48:46 | 000,000,000 | ---D | M] -- C:\Program Files\Fiberlink
[2009/09/16 04:24:52 | 000,000,000 | ---D | M] -- C:\Program Files\Fingerprint Sensor
[2009/12/30 01:33:25 | 000,000,000 | ---D | M] -- C:\Program Files\Firefly Studios
[2010/09/11 18:42:51 | 000,000,000 | ---D | M] -- C:\Program Files\FreeRIP3
[2009/09/15 16:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Gemplus
[2010/10/16 11:18:24 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2009/09/16 04:54:51 | 000,000,000 | ---D | M] -- C:\Program Files\gRAS
[2009/09/22 16:11:31 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2010/01/20 10:08:30 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2009/12/30 01:33:22 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2009/09/16 04:32:09 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/10/15 08:23:06 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009/09/16 04:31:25 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2009/09/26 20:02:39 | 000,000,000 | ---D | M] -- C:\Program Files\iriver
[2009/09/16 04:48:02 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2008/10/22 13:18:06 | 000,000,000 | ---D | M] -- C:\Program Files\JavaSoft
[2009/09/19 18:08:11 | 000,000,000 | ---D | M] -- C:\Program Files\kcSystems
[2009/09/27 10:25:09 | 000,000,000 | ---D | M] -- C:\Program Files\KeePass Password Safe
[2009/09/17 10:18:31 | 000,000,000 | ---D | M] -- C:\Program Files\Last.fm
[2009/09/16 04:31:01 | 000,000,000 | ---D | M] -- C:\Program Files\Lenovo
[2009/09/16 04:25:14 | 000,000,000 | ---D | M] -- C:\Program Files\Lenovo Fingerprint Software
[2009/09/26 19:54:25 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2010/10/15 08:58:56 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/16 04:22:29 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2008/10/22 09:44:31 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/09/15 16:43:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2008/10/22 09:38:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2008/10/21 15:40:33 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2009/09/15 16:53:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2008/10/22 13:58:15 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Communicator
[2010/10/15 08:23:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2008/10/22 13:33:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/09/15 16:23:32 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio .NET 2003
[2008/10/22 13:30:38 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2009/10/18 13:44:31 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2008/10/22 13:32:38 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/10/14 23:09:15 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/10/17 09:01:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2008/10/22 13:33:35 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/10/22 13:52:46 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2008/10/21 15:40:34 | 000,000,000 | ---D | M] -- C:\Program Files\msn gaming zone
[2008/10/21 16:23:41 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2008/10/21 16:23:55 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2010/05/11 10:25:42 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2008/10/22 14:15:09 | 000,000,000 | ---D | M] -- C:\Program Files\NetSupport
[2009/10/31 19:08:45 | 000,000,000 | ---D | M] -- C:\Program Files\Nortel Networks
[2009/09/15 16:51:20 | 000,000,000 | ---D | M] -- C:\Program Files\NotesSQL
[2010/07/06 12:34:55 | 000,000,000 | ---D | M] -- C:\Program Files\OfficeCM
[2008/10/21 15:37:35 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2009/09/15 16:17:06 | 000,000,000 | ---D | M] -- C:\Program Files\Oracle
[2010/10/14 22:47:26 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/05/20 13:16:16 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2009/09/30 13:01:04 | 000,000,000 | ---D | M] -- C:\Program Files\Peregrine Systems
[2010/01/31 16:52:44 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2009/10/13 19:46:44 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2008/10/21 16:36:52 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/09/07 10:46:34 | 000,000,000 | ---D | M] -- C:\Program Files\Research In Motion
[2010/09/07 10:50:35 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2009/09/16 04:24:20 | 000,000,000 | ---D | M] -- C:\Program Files\RSA SecurID Token Common
[2009/12/04 18:36:32 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung ML-2010 Series
[2010/05/04 09:21:48 | 000,000,000 | ---D | M] -- C:\Program Files\ServiceCenter 625
[2009/09/26 19:56:28 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2009/11/20 09:24:35 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2009/09/16 04:26:07 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2010/10/15 10:42:23 | 000,000,000 | ---D | M] -- C:\Program Files\Taskbar Shuffle
[2009/09/16 15:13:03 | 000,000,000 | ---D | M] -- C:\Program Files\TechSmith
[2010/07/07 19:01:01 | 000,000,000 | ---D | M] -- C:\Program Files\Tether
[2009/09/16 04:27:35 | 000,000,000 | ---D | M] -- C:\Program Files\ThinkPad
[2009/09/16 04:27:59 | 000,000,000 | ---D | M] -- C:\Program Files\ThinkVantage
[2009/09/16 04:57:41 | 000,000,000 | ---D | M] -- C:\Program Files\ThinkVantage Fingerprint Software
[2010/10/14 19:14:46 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2008/10/21 15:46:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/09/15 15:56:20 | 000,000,000 | ---D | M] -- C:\Program Files\Utimaco
[2009/09/15 16:35:54 | 000,000,000 | ---D | M] -- C:\Program Files\Virtual Ink
[2010/09/29 09:32:38 | 000,000,000 | ---D | M] -- C:\Program Files\WebEx
[2010/07/15 17:33:31 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2010/07/15 11:02:07 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp Detect
[2008/10/22 14:11:58 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2010/07/08 10:23:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Imaging
[2008/10/21 16:43:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2009/09/17 10:19:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/10/21 15:35:10 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2008/10/21 15:37:41 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2008/10/22 13:55:18 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip
[2008/10/21 15:40:34 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/06/02 12:21:57 | 000,000,000 | ---D | M] -- C:\Program Files\YouTube Downloader
< %systemroot%\system32\*.tso > < %ALLUSERSPROFILE%\Documents\Server\*.* >[2008/04/14 05:00:00 | 000,036,635 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Server\hlp.dat
< %systemroot%\*.pif >[2008/04/14 05:00:00 | 000,000,707 | ---- | M] () -- C:\WINDOWS\_default.pif
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
< %systemroot%\system32\n7533\*.* > < %systemroot%\Us18336\*.* > < %systemroot%\system32\*.zip > < %systemroot%\system32\*.wgo > < %systemroot%\system32\dllcache\*.com > < %systemroot%\system32\dllchache\*.* > < %systemroot%\system32\038840\*.* > < %systemroot%\system32\13E92A\*.* > < %systemroot%\system32\1CB5AD\*.* > < %systemroot%\system32\52682A\*.* > < %USERPROFILE%\My Documents\*.htm > < %SYSTEMDRIVE%\Mr_CF\*.* > < %USERPROFILE%\My Documents\*.dll > < %USERPROFILE%\My Documents\*.ccc > < %systemroot%\system32\Sis\*.* > < %systemroot%\Microsft\*.* > < %SYSTEMDRIVE%\driverwinx.exe\*.* > < %systemroot%\BifroXx\*.* > < %SYSTEMDRIVE%\TSTP\*.* > < %systemroot%\winsn\*.* > < %ProgramFiles%\windata\*.* > < %SYSTEMDRIVE%\msixxxxxxx.exe\*.* > < %systemroot%\system32\*.sao > < %systemroot%\system32\*.iem > < %systemroot%\system32\*.mdd > < %systemroot%\system32\*.wlo > < %systemroot%\system32\*.skn > < %SYSTEMDRIVE%\Winup\*.* > < %SYSTEMDRIVE%\test\*.* > < %systemroot%\system32\med\*.* > < %systemroot%\Bifrost\*.* > < %systemroot%\system32\explorer.exe\*.* > < %UserProfile%\UserData\*.dat /x > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >"UseWUServer" = 1
"NoAutoUpdate" = 1
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >< End of report >
*****Extras.Txt*****
---
OTL Extras logfile created on: 10/17/2010 6:27:57 PM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = \\mopcitnas06\mattm02$\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2963 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 76.60 Gb Free Space | 51.39% Space Free | Partition Type: NTFS
Computer Name: AMRNYCLL3CCC3N | User Name: mattM02 | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-436374069-879983540-682003330-508785\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\NetSupport\NetSupport Manager\client32.exe" = C:\Program Files\NetSupport\NetSupport Manager\client32.exe:*:Enabled:NetSupport Client -- (NetSupport Ltd)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
".NET Framework 1.1.4322" = .NET Framework 1.1.4322
".Net Framework 3.5" = .Net Framework 3.5
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad EasyEject Utility
"{13222614-9C54-438C-B589-E73A9286296D}" = Crypteze
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}" = McAfee VirusScan Enterprise
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.5
"{1B4177AA-4441-4AD0-B2D2-F199F9D1B7C5}" = Fiberlink Global Remote
"{1BD5B33C-7F2F-48E5-BEA6-9606153CA776}" = Adobe SVG Viewer 3.02 (english)
"{1FF06B85-EB4F-400D-8602-30A1DD48673B}" = Business Objects Desktop Intelligence 11.2 Sp2 (MUI)
"{201CF24B-1C4C-434C-A997-1529D6495799}" = Business Objects FP2.4
"{22443966-38F8-8A4D-AA16-0FBFA246881F}" = Acrobat.com
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2624B680-02BC-4CBC-839C-DA20DF6EF6EC}" = Citrix Presentation Server Client
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java 6 Update 12
"{2863C12B-2A02-4258-8495-6220605B2E5C}_is1" = Tether 1.1.0.6
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2FE4F7D0-49ED-4A85-88C1-1EA443789C4F}" = Microsoft Office Communicator 2005 MUI Pack
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FE3EDA-0C18-48DE-934B-D9862F82A7A8}" = McAfee Agent
"{3D8994A3-02A8-45B5-B955-53E608BC69ED}" = Lenovo Fingerprint Software
"{3E8BE5D1-6223-4147-8A9D-1ADEAEA3DA04}" = Symantec Enterprise Vault Outlook Add-In
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40A594D0-1490-4979-9382-D2B764F949C6}" = BlackBerry® Media Sync
"{43216FBE-D869-489D-90DE-87D22E816757}" = SafeGuard® Easy Client 4.40.2
"{44E9D4C2-946C-4378-9354-558803C47A68}" = Client Security - Password Manager
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{52A7C6A6-6B88-47D1-922E-9F8A7E089E6A}" = Intel® PROSet/Wireless WiFi Software
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3
"{6293FA50-80FE-4695-B591-F580B9C045F6}" = Quality Center Client Side
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Presentation Director
"{670BF4E7-642D-4FC4-A5A7-D98B8593061F}" = Java 2 Runtime Environment Standard Edition
"{67132715-2BCB-422A-86B9-40DD558B14F3}" = HP ServiceCenter 6.2.5 (English)
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}" = Oracle Data Provider for .NET Help
"{7148F0A8-6813-11D6-A77B-00B0D0142010}" = Java 2 Runtime Environment, SE v1.4.2_01
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{721ABC3B-5F12-4332-9C0C-C11424EF666C}" = WIMGAPI
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CA4F780-7AD0-417A-82A1-46EB825CFD53}" = HP Managed Printing Admin
"{7CE752EE-AC9E-11D1-B22A-085A08C10627}" = mimio Studio
"{82840AE3-780C-4328-A3C6-FB901E948E43}" = ServiceCenter Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A069D23-AB53-490C-9DC6-0DF8E982BFE1}" = NetSupport Manager
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-0017-0000-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer 2007
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{E1C33B03-3FE9-45BF-91E4-0266F38618C6}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-0409-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (English) 2007
"{90120000-0017-0409-0000-0000000FF1CE}_SharePointDesigner_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-001F-0409-0000-0000000FF1CE}_SharePointDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_SharePointDesigner_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-001F-040C-0000-0000000FF1CE}_SharePointDesigner_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_SharePointDesigner_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-001F-0C0A-0000-0000000FF1CE}_SharePointDesigner_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_SharePointDesigner_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-006E-0409-0000-0000000FF1CE}_SharePointDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_SharePointDesigner_{F958975E-C02E-4E9B-A241-62BAE669C12D}" =
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_SharePointDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{90A54C33-C3FB-416C-B4BE-1AD893DE0007}" = WinZip
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9485762F-2853-46B9-928B-FE7ED99175E5}" = Business Objects FP5.5
"{95120000-0052-0409-0000-0000000FF1CE}" = Microsoft Office Visio Viewer 2007
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{9DE3F260-B88E-42CE-90E7-73C78C37D95E}" = 32 Bit HP BiDi Channel Components Installer
"{9F98C9F8-9B49-411C-AFB9-AF633249FA7C}" = ThinkVantage Fingerprint Software 5.8
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Power Manager
"{A1BEF7EC-35ED-488E-930A-A7B5E7C8890C}" = TMS Shortcuts
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = Microsoft MSXML 6.0 SP1 (English)
"{A54453DD-9408-45B2-B179-9BBD83498249}" = GemSafe Libraries 4.2.0 SP4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA67F760-FC67-488B-B968-257D74F5FCE9}" = GemPCExp
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
"{AC76BA86-0000-7EC8-7489-000000000603}" = Adobe Acrobat and Reader 6.0.3 Update
"{AC76BA86-0000-7EC8-7489-000000000604}" = Adobe Acrobat and Reader 6.0.4 Update
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B332732A-4958-41DD-B439-DDA2D32753C5}" = McAfee Host Intrusion Prevention
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}" = Windows Rights Management Client with Service Pack 2
"{BE5AD430-9E0C-4243-AB3F-593835869855}" = Microsoft Office Communicator 2005
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2DA1CDC-EF9D-4B7C-91F8-710B17AD44A7}" = Microsoft Office Live Meeting 2007
"{C6FA39A7-26B1-480A-BC74-6D17531AC222}" = Access Help
"{CAE5379F-5C3D-4D0D-AA57-DC1134125BA5}" = Configuration Manager Client
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Picture Package Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D1E44702-21F5-4918-B8A3-6D126D5BD33C}" = Windows Messenger 5.1
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D728E945-256D-4477-B377-6BBA693714AC}" = Productivity Center Supplement for ThinkPad
"{D73C89D3-BFF0-4384-B52D-E1F2F7697F69}" = BusinessObjects XI R2 Service Pack 5
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E49F0B10-C1CC-474F-B4AB-D8E409E4E949}" = Oracle Sqlldr
"{EA0081D6-673A-4166-B9B2-70CC3CF0574E}" = ThinkVantage Fingerprint Software 5.8.2 Patch
"{EA69491C-339D-46E1-BC0A-8FCC54F9FA3E}" = Techsmith Dubit 2.0 (English)
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility SP2
"{EF964A78-078C-11D1-B7A7-0000C0134CE6}" = Nortel Networks Contivity VPN Client
"{EFEBC9F4-F16C-4435-AE85-AE675C5E5D2F}" = Arcot Systems Arcot PlugIn 4.5 (English)
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F2AB2488-A0BF-4A9B-98A9-A88CF20FD2FF}" = Meeting Manager for Internet Explorer
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F75B970D-0543-49E6-B529-32E84ADA54B1}" = Microsoft Organization Chart 2.0 (English)
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"A4680BD43717441189C52EBF2C4FD6B182EE1101" = Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (10/02/2008 8.1.2.37)
"Acrobat Reader 9.0" = Acrobat Reader 9.0
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"aPod Client 3.0" = aPod Client 3.0
"Arcot PlugIn 4.5" = Arcot PlugIn 4.5
"BlackBerry_{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"BOXIR2 11.5 Sp5" = BOXIR2 11.5 Sp5
"CCleaner" = CCleaner
"Certificates 2.0" = Certificates 2.0
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = ThinkPad Modem Adapter
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Digital Certificate SmartCard 4.0" = Digital Certificate SmartCard 4.0
"DMS Add New Programs Shortcut 1.0" = DMS Add New Programs Shortcut 1.0
"DMS Stale System Checker 1.0" = DMS Stale System Checker 1.0
"Enterprise Vault 7.5 SP3" = Enterprise Vault 7.5 SP3
"Fiberlink 2.6" = Fiberlink 2.6
"Flash and Shockwave Latest Versions" = Flash and Shockwave Latest Versions
"Gemplus Smart Card Reader Tools" = Gemplus Smart Card Reader Tools
"GemSafe Libraries 4.2 SP4" = GemSafe Libraries 4.2 SP4
"HD Password Info Utility 1.0" = HD Password Info Utility 1.0
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"ICA Web Client 10.2" = ICA Web Client 10.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IE7-MUI" = Windows Internet Explorer 7 Multilingual User Interface (MUI)
"iriver plus 3" = iriver plus 3 (remove only)
"Java Runtime Environment (JRE) 1.4.2_01" = Java Runtime Environment (JRE) 1.4.2_01
"Java Runtime Environment 1.31" = Java Runtime Environment 1.31
"Java Runtime Environment 1.5.0.06" = Java Runtime Environment 1.5.0.06
"Java Runtime Environment 1.6.0_05" = Java Runtime Environment 1.6.0_05
"JRE 1.6.0.12" = JRE 1.6.0.12
"KeePass Password Safe_is1" = KeePass Password Safe 1.16
"LastFM_is1" = Last.fm 1.5.4.24567
"Live Meeting 2007 Client 8.0.6362.70" = Live Meeting 2007 Client 8.0.6362.70
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Anti-Spyware Enterprise Module" = McAfee AntiSpyware Enterprise Module
"Meeting Manager 1.0" = Meeting Manager 1.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Movie Converter" = Movie Converter (remove only)
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSXML 6.0 SP1" = MSXML 6.0 SP1
"NetMeeting 3.01" = NetMeeting 3.01
"NetSupport Manager Client 10" = NetSupport Manager Client 10
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Office 2007 Interactive Guide 1.0" = Office 2007 Interactive Guide 1.0
"Office 2007 SP1 Professional Plus" = Office 2007 SP1 Professional Plus
"Office 2007 SP2 Professional Plus" = Office 2007 SP2 Professional Plus
"Office Communicator 2005 1.0.559" = Office Communicator 2005 1.0.559
"OnScreenDisplay" = On Screen Display
"Oracle Client 9i206" = Oracle Client 9i206
"Organization Chart 2.0" = Organization Chart 2.0
"PCoDE Updater" = company PCoDE Updater
"Photoshop" = Photoshop 7.0
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel PROSet Wireless
"PROPLUS" = Microsoft Office Professional Plus 2007
"PROSet" = Intel® PRO Network Adapters and Drivers
"PROSet Wireless 12.1" = PROSet Wireless 12.1
"PVC 1.1" = PVC 1.1
"Q828026" = Windows Media Player Hotfix [See Q828026 for more information]
"Quality Center Client 10" = Quality Center Client 10
"Quicktime 7.1.5" = Quicktime 7.1.5
"Quicktime 7.2" = Quicktime 7.2
"RDC" = RDC
"Reader Drivers 1.0" = Reader Drivers 1.0
"RealPlayer 6.0" = RealPlayer
"Safeguard Easy 4.40.2" = Safeguard Easy 4.40.2
"Samsung ML-2010 Series" = Samsung ML-2010 Series
"SCCM Client 2007 R2 SP2" = SCCM Client 2007 R2 SP2
"ServiceCenter 6.2.5" = ServiceCenter 6.2.5
"SharePointDesigner" = Microsoft Office SharePoint Designer 2007
"SnagIt 8.0" = SnagIt 8.0
"Studio 5.30" = Studio 5.30
"SVG Viewer 3.02" = SVG Viewer 3.02
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"Taskbar Shuffle_is1" = Taskbar Shuffle version 2.5
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"Toolbar and Icon 1.0" = Toolbar and Icon 1.0
"Toolbar for Enterprise 4.0.1" = Toolbar for Enterprise 4.0.1
"VirusScan 8.7i Patch 1 with HIPs 7.0" = VirusScan 8.7i Patch 1 with HIPs 7.0
"Visio Professional 2003 SP2" = Visio Professional 2003 SP2
"Visio Viewer 2007 SP1" = Visio Viewer 2007 SP1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WDS 3.01" = WDS 3.01
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Messenger 5.1.0715" = Windows Messenger 5.1.0715
"Windows Script Host 5.7" = Windows Script Host 5.7
"WinZip 9.0 SR-1" = WinZip 9.0 SR-1
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Workstation Utilities Pack 2007" = Workstation Utilities Pack 2007
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-436374069-879983540-682003330-508785\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ========== [ aPodClient Events ]
Error - 9/15/2009 5:01:07 PM | Computer Name = AMRNYCLL3CCC3N | Source = aPodClient | ID = 214
Description = Unable to refresh demographic data because a broker could not be obtained
Error - 9/15/2009 5:02:08 PM | Computer Name = AMRNYCLL3CCC3N | Source = aPodClient | ID = 214
Description = Unable to refresh demographic data because a broker could not be obtained
Error - 9/15/2009 5:03:09 PM | Computer Name = AMRNYCLL3CCC3N | Source = aPodClient | ID = 214
Description = Unable to refresh demographic data because a broker could not be obtained
Error - 9/15/2009 5:04:10 PM | Computer Name = AMRNYCLL3CCC3N | Source = aPodClient | ID = 214
Description = Unable to refresh demographic data because a broker could not be obtained
Error - 9/15/2009 5:06:12 PM | Computer Name = AMRNYCLL3CCC3N | Source = aPodClient | ID = 214
Description = Unable to refresh demographic data because a broker could not be obtained
Error - 9/15/2009 5:08:14 PM | Computer Name = AMRNYCLL3CCC3N | Source = aPodClient | ID = 214
Description = Unable to refresh demographic data because a broker could not be obtained
Error - 9/15/2009 5:10:16 PM | Computer Name = AMRNYCLL3CCC3N | Source = aPodClient | ID = 214
Description = Unable to refresh demographic data because a broker could not be obtained
Error - 9/15/2009 5:11:17 PM | Computer Name = AMRNYCLL3CCC3N | Source = aPodClient | ID = 214
Description = Unable to refresh demographic data because a broker could not be obtained
Error - 9/15/2009 5:12:17 PM | Computer Name = AMRNYCLL3CCC3N | Source = aPodClient | ID = 214
Description = Unable to refresh demographic data because a broker could not be obtained
Error - 9/15/2009 5:13:18 PM | Computer Name = AMRNYCLL3CCC3N | Source = aPodClient | ID = 214
Description = Unable to refresh demographic data because a broker could not be obtained
[ Application Events ]
Error - 10/16/2010 12:18:12 AM | Computer Name = AMRNYCLL3CCC3N | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
unknown, version 0.0.0.0, fault address 0x01680000.
Error - 10/16/2010 12:35:30 AM | Computer Name = AMRNYCLL3CCC3N | Source = Windows Search Service | ID = 3084
Description = Failed to load protocol handler OfflineVaultPH3x.OfflineVaultSP.1.
Error description: Unspecified error .
Error - 10/16/2010 1:22:36 AM | Computer Name = AMRNYCLL3CCC3N | Source = Windows Search Service | ID = 3084
Description = Failed to load protocol handler OfflineVaultPH3x.OfflineVaultSP.1.
Error description: Unspecified error .
Error - 10/16/2010 6:57:50 AM | Computer Name = AMRNYCLL3CCC3N | Source = Windows Search Service | ID = 3084
Description = Failed to load protocol handler OfflineVaultPH3x.OfflineVaultSP.1.
Error description: Unspecified error .
Error - 10/16/2010 9:56:43 AM | Computer Name = AMRNYCLL3CCC3N | Source = WinMgmt | ID = 28
Description = WinMgmt could not initialize the core parts. This could be due to
a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient
disk space or insufficient memory.
Error - 10/16/2010 9:57:03 AM | Computer Name = AMRNYCLL3CCC3N | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 10/16/2010 9:59:06 AM | Computer Name = AMRNYCLL3CCC3N | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 10/16/2010 9:59:18 AM | Computer Name = AMRNYCLL3CCC3N | Source = UserInit | ID = 1000
Description = Could not execute the following script \\amer.company.com\sysvol\amer.company.com\scripts\CIT\chkp2p.vbs.
No network provider accepted the given network path. .
Error - 10/16/2010 10:03:10 AM | Computer Name = AMRNYCLL3CCC3N | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 10/16/2010 10:03:48 AM | Computer Name = AMRNYCLL3CCC3N | Source = WinMgmt | ID = 28
Description = WinMgmt could not initialize the core parts. This could be due to
a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient
disk space or insufficient memory.
[ OSession Events ]
Error - 6/22/2010 6:04:37 PM | Computer Name = AMRNYCLL3CCC3N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 465428
seconds with 17880 seconds of active time. This session ended with a crash.
Error - 6/22/2010 6:14:29 PM | Computer Name = AMRNYCLL3CCC3N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 561
seconds with 240 seconds of active time. This session ended with a crash.
Error - 7/15/2010 7:42:09 PM | Computer Name = AMRNYCLL3CCC3N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 205048 seconds with 12840 seconds of active time. This session ended with
a crash.
Error - 8/1/2010 10:55:39 PM | Computer Name = AMRNYCLL3CCC3N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 19340
seconds with 1980 seconds of active time. This session ended with a crash.
Error - 9/1/2010 11:52:44 AM | Computer Name = AMRNYCLL3CCC3N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 146112
seconds with 5880 seconds of active time. This session ended with a crash.
Error - 9/1/2010 12:32:40 PM | Computer Name = AMRNYCLL3CCC3N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2376
seconds with 720 seconds of active time. This session ended with a crash.
Error - 9/1/2010 12:35:44 PM | Computer Name = AMRNYCLL3CCC3N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 92
seconds with 60 seconds of active time. This session ended with a crash.
Error - 9/16/2010 6:19:09 PM | Computer Name = AMRNYCLL3CCC3N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 295205
seconds with 8760 seconds of active time. This session ended with a crash.
Error - 10/1/2010 12:41:59 PM | Computer Name = AMRNYCLL3CCC3N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1273
seconds with 540 seconds of active time. This session ended with a crash.
Error - 10/11/2010 6:21:10 PM | Computer Name = AMRNYCLL3CCC3N | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 12525
seconds with 5340 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 10/17/2010 6:07:57 PM | Computer Name = AMRNYCLL3CCC3N | Source = SCardSvr | ID = 110
Description = Comm Responder could not create communications object
Error - 10/17/2010 6:07:57 PM | Computer Name = AMRNYCLL3CCC3N | Source = SCardSvr | ID = 201
Description = Failed to initialize Server Application: Access is denied.
Error - 10/17/2010 6:10:31 PM | Computer Name = AMRNYCLL3CCC3N | Source = SCardSvr | ID = 104
Description = Comm Responder could not access the Calais key: Access is denied.
Error - 10/17/2010 6:10:31 PM | Computer Name = AMRNYCLL3CCC3N | Source = SCardSvr | ID = 110
Description = Comm Responder could not create communications object
Error - 10/17/2010 6:10:31 PM | Computer Name = AMRNYCLL3CCC3N | Source = SCardSvr | ID = 201
Description = Failed to initialize Server Application: Access is denied.
Error - 10/17/2010 6:10:31 PM | Computer Name = AMRNYCLL3CCC3N | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain AMER due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 10/17/2010 6:18:46 PM | Computer Name = AMRNYCLL3CCC3N | Source = SCardSvr | ID = 104
Description = Comm Responder could not access the Calais key: Access is denied.
Error - 10/17/2010 6:18:46 PM | Computer Name = AMRNYCLL3CCC3N | Source = SCardSvr | ID = 110
Description = Comm Responder could not create communications object
Error - 10/17/2010 6:18:46 PM | Computer Name = AMRNYCLL3CCC3N | Source = SCardSvr | ID = 201
Description = Failed to initialize Server Application: Access is denied.
Error - 10/17/2010 6:18:47 PM | Computer Name = AMRNYCLL3CCC3N | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain AMER due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
< End of report >
Thanks you guys for your help here again! You
ROCK!