Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Problem removing Tidserv.Activity.2


  • Please log in to reply

#91
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
OK.

File C:\Windows\assembly\tmp\kwrd.dll is infected by Win32:Malware-gen, Moved to chest


That means ZeroAccess is still active. That explains why things went South when we ran the OTL script.

There should not be a folder called C:\windows\assembly\tmp

See if you can delete the tmp folder.

I'd really like to see the logs from:

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

Advertisements


#92
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
When I go to the Windows/assembly directory, there is no temp file. Just downloads. and it is empty.


I will focus on the log viewers
  • 0

#93
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
Here are the SYSTME log files from VEW

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 11/10/2011 07:27:01 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 12/10/2011 12:22:38 AM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: Beep DMICall

Log: 'System' Date/Time: 12/10/2011 12:22:38 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The lxeaCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 12/10/2011 12:22:38 AM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.

Log: 'System' Date/Time: 12/10/2011 12:22:38 AM
Type: Error Category: 0
Event: 7024 Source: Service Control Manager
The Bonjour Service service terminated with service-specific error 11003 (0x2AFB).

Log: 'System' Date/Time: 12/10/2011 12:21:40 AM
Type: Error Category: 0
Event: 1060 Source: Application Popup
\SystemRoot\SysWow64\DRIVERS\DMICall.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#94
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
And here is the Application log

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 11/10/2011 07:28:25 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 12/10/2011 12:22:43 AM
Type: Error Category: 0
Event: 7 Source: VzCdbSvc
Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Log: 'Application' Date/Time: 12/10/2011 12:22:37 AM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Log: 'Application' Date/Time: 12/10/2011 12:22:24 AM
Type: Error Category: 0
Event: 10 Source: SQLBrowser
The SQLBrowser service was unable to establish SQL instance and connectivity discovery.

Log: 'Application' Date/Time: 12/10/2011 12:22:24 AM
Type: Error Category: 0
Event: 11 Source: SQLBrowser
The SQLBrowser service encountered a critical failure.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#95
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
Uninstall Bonjour


Copy the text in the code box:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg 
%systemroot%\*.jpg 
%systemroot%\*.png 
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav 
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x 
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
DMIcall.sys
beep.sys
Netshell.dll
netcfgx.dll
Netman.dll
connect.dll
mswsock.dll
mmswsock.dll 
mdnsNSP.dll
/md5stop

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them. (Don't worry we are not making changes this time. Just scanning for files)

Also

Start, Programs, Accessories then Right click Command Prompt and Run As Administrator.

netsh  winsock show catalog > \junk.txt



Please attach \junk.txt to your next post.
  • 0

#96
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
Before I run it, I have Windows Restore activated. Do I need to de-activate it?
  • 0

#97
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
Never mind..... I see it in the code, so I need to have it active
  • 0

#98
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
Do I leave Avast functional?
  • 0

#99
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
Here is the OTL.txt

OTL logfile created on: 10/11/2011 07:59:18 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Tim\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 51.70% Memory free
8.13 Gb Paging File | 5.94 Gb Available in Paging File | 73.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 108.18 Gb Total Space | 16.74 Gb Free Space | 15.47% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 406.35 Gb Free Space | 87.25% Space Free | Partition Type: NTFS
Drive H: | 250.61 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TIM-PC | User Name: Tim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/09 21:59:59 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Tim\Desktop\OTL.exe
PRC - [2011/09/06 15:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/19 01:07:38 | 000,421,736 | ---- | M] (Apple Inc.) -- D:\Joans Itunes\iTunesHelper.exe
PRC - [2011/01/23 20:08:55 | 000,148,280 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
PRC - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010/09/22 18:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\SysWOW64\atashost.exe
PRC - [2008/10/17 07:34:39 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2008/07/28 19:45:42 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008/07/28 19:45:42 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008/07/21 15:10:06 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2008/06/21 03:53:53 | 000,679,936 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
PRC - [2008/06/20 10:56:44 | 000,415,744 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008/06/19 10:55:48 | 000,279,848 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2008/06/13 03:34:02 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2008/06/12 01:13:24 | 000,337,184 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2008/06/08 01:41:22 | 000,352,256 | ---- | M] (AVerMedia) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2008/05/24 21:01:16 | 000,086,016 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Media plus\VMpTtray.exe
PRC - [2008/05/22 16:23:10 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2008/05/20 21:05:40 | 000,353,568 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe
PRC - [2008/05/20 21:05:40 | 000,103,712 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe
PRC - [2008/05/20 21:05:40 | 000,062,752 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe
PRC - [2008/05/20 15:48:32 | 000,024,576 | ---- | M] (Sony Electronics, Inc.) -- C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
PRC - [2008/04/15 19:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 19:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/03 22:03:38 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2008/03/25 16:32:18 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
PRC - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/01/04 21:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/11 10:27:18 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll
MOD - [2011/08/11 10:26:59 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll
MOD - [2011/08/11 10:24:12 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll
MOD - [2011/06/22 03:25:46 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll
MOD - [2011/01/23 20:08:55 | 000,148,280 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
MOD - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010/06/01 10:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2010/04/05 05:56:20 | 000,094,359 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epoemdll.dll
MOD - [2010/04/05 05:56:19 | 000,045,221 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll
MOD - [2010/04/05 05:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizres.dll
MOD - [2010/04/05 05:56:07 | 000,716,954 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizard.dll
MOD - [2010/04/05 05:55:15 | 000,159,890 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll
MOD - [2010/04/05 05:55:04 | 000,061,604 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epfunct.dll
MOD - [2010/04/05 05:54:59 | 000,123,033 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\eputil.dll
MOD - [2010/04/05 05:54:52 | 000,143,502 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\imagutil.dll
MOD - [2010/04/01 12:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadrs.dll
MOD - [2010/04/01 12:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2009/09/05 00:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/05/27 07:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll
MOD - [2009/04/07 14:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll
MOD - [2009/03/10 00:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009/03/02 09:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009/02/27 16:39:29 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
MOD - [2009/02/27 16:32:27 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
MOD - [2009/02/20 03:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsmr.dll
MOD - [2009/02/20 03:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsm.dll
MOD - [2008/07/28 19:45:44 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
MOD - [2008/06/13 03:34:02 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/04/14 15:45:36 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeacoms.exe -- (lxea_device)
SRV:64bit: - [2010/04/14 15:45:30 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV:64bit: - [2008/09/29 16:06:32 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector)
SRV:64bit: - [2008/08/06 20:06:48 | 000,407,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2008/06/12 01:13:24 | 000,337,184 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2008/06/12 01:10:46 | 000,107,808 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2008/04/30 22:20:42 | 001,371,136 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2008/04/30 21:42:20 | 000,826,368 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2008/04/25 07:08:03 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV:64bit: - [2008/01/20 21:50:23 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/01/20 21:46:39 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/06/25 22:17:18 | 000,567,024 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlbkcoms.exe -- (dlbk_device)
SRV - [2010/04/14 15:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxeacoms.exe -- (lxea_device)
SRV - [2010/02/19 07:44:44 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe -- (RoxMediaDBVHS)
SRV - [2009/11/03 16:54:41 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2008/10/17 07:34:39 | 000,409,600 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2008/07/28 19:45:42 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008/07/12 22:40:36 | 000,133,120 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService)
SRV - [2008/06/20 10:56:44 | 000,415,744 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2008/06/19 10:55:48 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008/06/08 01:41:22 | 000,352,256 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2008/05/22 16:23:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008/05/22 16:21:44 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008/05/20 21:05:40 | 000,353,568 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008/05/20 21:05:40 | 000,103,712 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008/05/20 21:05:40 | 000,062,752 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008/05/20 03:51:34 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2008/05/20 03:49:04 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2008/05/20 03:29:06 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2008/04/15 19:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/03/25 16:32:18 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/11/12 22:59:54 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2007/05/24 09:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/01/04 21:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/06 15:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/09/06 15:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/09/06 15:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/09/06 15:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/09/06 15:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/09/06 15:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/08/24 21:53:49 | 000,056,408 | ---- | M] (NCH Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stdriver64.sys -- (stdriver)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/09/26 16:45:28 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010/08/20 23:59:12 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/19 17:36:38 | 000,754,808 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2009/06/19 17:36:16 | 000,673,272 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2008/08/09 09:34:31 | 000,021,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2008/08/09 09:34:29 | 000,132,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2008/08/09 09:34:29 | 000,095,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2008/08/09 09:33:05 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2008/08/09 08:10:58 | 000,056,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/07/17 08:54:22 | 000,064,512 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2008/07/14 20:17:16 | 000,315,648 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerFx2hbtv64.sys -- (AVerFx2hbtv64)
DRV:64bit: - [2008/07/11 22:32:13 | 001,027,968 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVerAVF2.sys -- (AVerAVF2)
DRV:64bit: - [2008/07/01 23:13:36 | 000,073,104 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\jmcr_cfs.sys -- (JMCR_CFS)
DRV:64bit: - [2008/06/25 07:33:12 | 000,085,504 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rimssn64.sys -- (rimsptsk)
DRV:64bit: - [2008/05/27 13:10:52 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wimfltr.sys -- (WimFltr)
DRV:64bit: - [2008/05/20 07:11:21 | 000,321,072 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/05/16 12:38:11 | 000,062,480 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tcusb.sys -- (TcUsb)
DRV:64bit: - [2008/04/29 07:06:57 | 000,388,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/04/28 08:38:12 | 004,730,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/04/25 07:08:09 | 000,391,680 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/25 07:08:03 | 000,009,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2008/04/25 07:07:54 | 001,511,936 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/04/25 07:07:54 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2008/04/25 07:07:49 | 000,731,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/04/25 07:07:49 | 000,300,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/03/10 05:45:53 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SFEP.sys -- (SFEP)
DRV:64bit: - [2008/01/30 19:33:30 | 000,019,456 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008/01/20 21:46:34 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\avc.sys -- (Avc)
DRV:64bit: - [2008/01/20 21:46:34 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 21:46:05 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 21:46:05 | 000,058,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\61883.sys -- (61883)
DRV:64bit: - [2008/01/20 21:46:02 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/04/16 22:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2008/07/11 18:42:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\DMICall.sys -- (DMICall)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.atssb.org/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Joans Itunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/10/11 16:51:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/11 15:37:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/10 14:39:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.16\Extensions\\Components: C:\Program Files (x86)\mozilla.org\SeaMonkey\Components [2011/09/30 16:17:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.16\Extensions\\Plugins: C:\Program Files (x86)\mozilla.org\SeaMonkey\Plugins [2011/09/30 16:17:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.0.6\extensions\\Components: C:\Program Files (x86)\SeaMonkey\components [2011/09/30 16:17:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.0.6\extensions\\Plugins: C:\Program Files (x86)\SeaMonkey\plugins [2011/09/30 16:17:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.16\Extensions\\Components: C:\Program Files (x86)\mozilla.org\SeaMonkey\Components [2011/09/30 16:17:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.16\Extensions\\Plugins: C:\Program Files (x86)\mozilla.org\SeaMonkey\Plugins [2011/09/30 16:17:33 | 000,000,000 | ---D | M]

[2011/10/10 18:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tim\AppData\Roaming\Mozilla\Extensions
[2011/10/10 18:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2011/10/10 18:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tim\AppData\Roaming\Mozilla\SeaMonkey\Profiles\sf659vms.default\extensions
[2011/10/11 15:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/09/30 09:19:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/10/10 14:11:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/10/11 16:51:34 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/09/29 01:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/10 14:11:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/06/18 13:16:18 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll
[2009/06/18 13:36:06 | 000,108,272 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll
[2011/09/28 19:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/10/11 13:42:09 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxeamon.exe] C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe ()
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AML] C:\Program Files (x86)\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [iTunesHelper] D:\Joans Itunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Lexmark S300-S400 Series] C:\Program Files (x86)\Lexmark S300-S400 Series\fm3032.exe ()
O4 - HKLM..\Run: [VAIORegistration] C:\Program Files\Sony\First Experience\WelcomeLauncher.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe ()
O4 - HKLM..\Run: [VWLASU] C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe (Sony Electronics, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [VMpTtray.exe] C:\Program Files (x86)\Sony\VAIO Media plus\VMpTtray.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {615A1925-0E5B-4767-A65E-3165AEAC32A3} http://quickscan.bit...qsax/qsax64.cab (BitDefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7702BF8E-EF73-483D-A40E-5A2B1BD30996}: DhcpNameServer = 192.168.0.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB5C9DDC-490A-458A-B066-3F6C53B032A2}: DhcpNameServer = 192.168.0.1 192.168.2.1
O18:64bit: - Protocol\Handler\intu-help-qb1 - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\SysNative\vrlogon.dll (UPEK Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\psfus: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Program Files (x86)\Sony\First Experience\wallpapers\wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\Program Files (x86)\Sony\First Experience\wallpapers\wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/29 06:05:08 | 000,000,075 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/10/11 19:41:31 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/10/11 16:51:54 | 000,301,912 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/10/11 16:51:54 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/10/11 16:51:54 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/10/11 16:51:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/10/11 16:51:53 | 000,601,944 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/10/11 16:51:53 | 000,058,200 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/10/11 16:51:30 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/10/11 16:51:29 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/10/11 16:32:07 | 000,254,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/10/11 16:32:07 | 000,065,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/10/11 16:31:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/10/11 16:31:26 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/10/11 16:11:58 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Tim\Desktop\dds.com
[2011/10/11 16:09:17 | 000,061,440 | ---- | C] ( ) -- C:\Users\Tim\Desktop\VEW.exe
[2011/10/11 15:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/10/11 15:30:47 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/11 13:25:24 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/10/11 13:25:24 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/10/11 13:25:24 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/10/11 13:25:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/10 21:28:38 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Opera
[2011/10/10 21:28:38 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\Opera
[2011/10/10 21:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2011/10/10 18:41:38 | 000,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2011/10/10 14:46:06 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\CrashDumps
[2011/10/10 14:12:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/10/10 14:11:27 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/10/10 14:11:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/10/10 14:11:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/10/10 11:36:43 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Tim\Desktop\aswMBR.exe
[2011/10/10 11:33:49 | 001,558,832 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tim\Desktop\tdsskiller(1).exe
[2011/10/10 11:28:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/10 11:28:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/10 11:24:30 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Tim\Desktop\mbam-setup-1.51.2.1300(1).exe
[2011/10/10 09:13:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/10/09 21:59:59 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Tim\Desktop\OTL.exe
[2011/10/09 18:13:34 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\NPE
[2011/10/09 14:32:28 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/10/09 14:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/10/09 14:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/10/09 12:52:10 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\QuickScan
[2011/10/09 09:25:19 | 000,000,000 | ---D | C] -- C:\found.000
[2011/10/07 09:34:20 | 000,055,384 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/10/07 09:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/10/07 08:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/09/30 16:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/09/30 16:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/09/30 16:26:14 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/09/30 16:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/09/30 14:36:15 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\AVG2012
[2011/09/30 14:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/09/30 13:03:06 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Intel
[2011/09/30 08:53:24 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2011/09/25 10:38:30 | 000,000,000 | ---D | C] -- C:\Update
[2011/09/25 09:48:20 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Auslogics
[2011/09/19 14:07:33 | 000,108,032 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMFCA.DLL
[2011/09/19 14:07:33 | 000,081,408 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBFCA.DLL
[2011/09/19 14:01:16 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICSDK2.dll
[2011/09/19 14:01:16 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICSDK.dll
[2011/09/19 14:01:15 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICEntry.dll
[2011/09/19 14:01:15 | 000,051,360 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EpPicPrt.dll
[2011/09/19 14:01:15 | 000,051,360 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EpPicMgr.dll
[2011/09/19 14:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2011/09/19 13:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2011/07/22 15:26:43 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeapmui.dll
[2011/07/22 15:26:43 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeainpa.dll
[2011/07/22 15:26:43 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaiesc.dll
[2011/07/22 15:26:42 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaserv.dll
[2011/07/22 15:26:42 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeausb1.dll
[2011/07/22 15:26:42 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacomc.dll
[2011/07/22 15:26:42 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeahbn3.dll
[2011/07/22 15:26:42 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacoms.exe
[2011/07/22 15:26:42 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxealmpm.dll
[2011/07/22 15:26:42 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacfg.exe
[2011/07/22 15:26:42 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacomm.dll
[2011/07/22 15:26:42 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaih.exe
[2010/09/26 16:45:28 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Tim\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/10/11 19:50:28 | 000,760,648 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/11 19:50:28 | 000,645,296 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/11 19:50:28 | 000,119,716 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/11 19:49:06 | 000,113,051 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/10/11 19:49:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/10/11 19:44:55 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/11 19:44:55 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/11 19:44:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/11 19:41:54 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/10/11 19:22:54 | 000,113,051 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/10/11 16:51:54 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/10/11 16:51:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/10/11 16:40:29 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/10/11 16:11:48 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Tim\Desktop\dds.com
[2011/10/11 16:09:03 | 000,061,440 | ---- | M] ( ) -- C:\Users\Tim\Desktop\VEW.exe
[2011/10/11 15:37:33 | 000,000,912 | ---- | M] () -- C:\Users\Tim\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/11 15:37:33 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/11 13:58:54 | 000,000,501 | ---- | M] () -- C:\Users\Tim\Desktop\ComboFix.exe - Shortcut.lnk
[2011/10/11 13:42:09 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/10/11 12:47:42 | 002,448,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/11 12:31:51 | 000,002,675 | ---- | M] () -- C:\Users\Tim\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007 (2).lnk
[2011/10/11 09:00:13 | 000,000,008 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/10/10 21:28:26 | 000,001,692 | ---- | M] () -- C:\Users\Tim\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/10/10 21:28:26 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/10/10 20:46:56 | 008,892,928 | ---- | M] () -- C:\ProgramData\atscie.msi
[2011/10/10 18:42:18 | 000,779,024 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/10 14:11:02 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/10/10 14:11:02 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/10/10 14:11:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/10/10 14:11:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/10/10 11:41:57 | 000,000,512 | ---- | M] () -- C:\Users\Tim\Desktop\MBR.dat
[2011/10/10 11:39:23 | 710,079,385 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/10 11:36:57 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Tim\Desktop\aswMBR.exe
[2011/10/10 11:33:24 | 001,558,832 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tim\Desktop\tdsskiller(1).exe
[2011/10/10 11:28:40 | 000,000,570 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/10 11:23:56 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Tim\Desktop\mbam-setup-1.51.2.1300(1).exe
[2011/10/09 21:59:59 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Tim\Desktop\OTL.exe
[2011/10/07 09:33:48 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/10/07 08:41:37 | 000,002,549 | ---- | M] () -- C:\Users\Tim\Desktop\HiJackThis.lnk
[2011/10/07 08:34:36 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/10/04 14:39:48 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/10/04 09:31:54 | 000,017,408 | ---- | M] () -- C:\Users\Tim\AppData\Local\WebpageIcons.db
[2011/09/30 16:28:20 | 000,001,412 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/09/30 16:16:59 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/09/25 09:52:17 | 000,516,921 | ---- | M] () -- C:\test.xml
[2011/09/25 09:32:33 | 000,000,040 | ---- | M] () -- C:\Users\Public\Documents\_rgpl
[2011/09/19 22:04:49 | 000,000,680 | ---- | M] () -- C:\Users\Tim\AppData\Local\d3d9caps.dat

========== Files Created - No Company Name ==========

[2011/10/11 16:51:54 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/10/11 16:32:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011/10/11 15:37:33 | 000,000,912 | ---- | C] () -- C:\Users\Tim\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/11 15:37:33 | 000,000,900 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/10/11 15:37:33 | 000,000,888 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/11 13:58:54 | 000,000,501 | ---- | C] () -- C:\Users\Tim\Desktop\ComboFix.exe - Shortcut.lnk
[2011/10/11 13:25:24 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/10/11 13:25:24 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/10/11 13:25:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/10/11 13:25:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/10/11 13:25:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/10/10 21:28:26 | 000,001,692 | ---- | C] () -- C:\Users\Tim\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/10/10 21:28:26 | 000,001,680 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011/10/10 21:28:26 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/10/10 18:42:24 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/10/10 11:41:57 | 000,000,512 | ---- | C] () -- C:\Users\Tim\Desktop\MBR.dat
[2011/10/10 11:39:23 | 710,079,385 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/10/10 11:28:40 | 000,000,570 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/07 08:34:36 | 000,025,160 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/10/04 09:31:53 | 000,017,408 | ---- | C] () -- C:\Users\Tim\AppData\Local\WebpageIcons.db
[2011/09/30 16:28:20 | 000,001,412 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/09/30 16:16:59 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/09/25 09:52:15 | 000,516,921 | ---- | C] () -- C:\test.xml
[2011/09/25 09:32:33 | 000,000,040 | ---- | C] () -- C:\Users\Public\Documents\_rgpl
[2011/09/19 14:01:16 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/09/19 14:01:15 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/09/19 14:01:15 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011/09/19 14:01:15 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011/09/19 14:01:15 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011/09/19 14:01:15 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011/09/19 14:01:15 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011/09/19 14:01:15 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011/09/19 14:01:15 | 000,012,669 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_EN.cfg
[2011/09/19 14:01:15 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011/09/19 14:01:15 | 000,006,478 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_PT.cfg
[2011/09/19 14:01:15 | 000,006,478 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_BP.cfg
[2011/09/19 14:01:15 | 000,006,366 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_FR.cfg
[2011/09/19 14:01:15 | 000,006,366 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_CF.cfg
[2011/09/19 14:01:15 | 000,006,226 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_ES.cfg
[2011/09/19 14:01:15 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011/09/19 14:01:15 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/09/19 14:01:15 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/09/19 14:01:15 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/09/19 14:01:15 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/09/19 14:01:15 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/09/19 14:01:15 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/07/22 15:26:43 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\LXEAinst.dll
[2011/07/22 15:26:43 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeacomx.dll
[2011/07/22 15:26:43 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxeains.dll
[2011/07/22 15:26:43 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxeainsb.dll
[2011/07/22 15:26:43 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\lxeainsr.dll
[2011/07/22 15:26:43 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxeajswr.dll
[2011/07/22 15:26:43 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeacur.dll
[2011/07/22 15:26:42 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeacu.dll
[2011/07/22 15:26:42 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeacub.dll
[2011/07/22 15:17:33 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEAsm.dll
[2011/07/22 15:17:33 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\LXEAsmr.dll
[2011/03/05 14:53:58 | 000,000,000 | ---- | C] () -- C:\Users\Tim\AppData\Local\rx_image32.Cache
[2011/01/04 22:15:37 | 000,000,238 | ---- | C] () -- C:\Windows\dellstat.ini
[2010/12/24 12:06:27 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2010/11/30 20:19:28 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.dll
[2010/11/30 20:19:28 | 000,003,456 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.sys
[2010/11/30 20:19:27 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2010/11/30 20:19:27 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2010/11/30 20:19:27 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2010/11/18 20:50:43 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/10/22 16:34:38 | 000,000,103 | ---- | C] () -- C:\Windows\SysWow64\hptrace.ini
[2010/10/22 16:33:46 | 000,007,138 | ---- | C] () -- C:\Windows\hpdj5800.ini
[2010/09/26 16:45:28 | 000,007,859 | ---- | C] () -- C:\Users\Tim\AppData\Roaming\pcouffin.cat
[2010/09/26 16:45:28 | 000,001,167 | ---- | C] () -- C:\Users\Tim\AppData\Roaming\pcouffin.inf
[2010/07/15 13:12:04 | 000,000,680 | ---- | C] () -- C:\Users\Tim\AppData\Local\d3d9caps.dat
[2010/04/17 10:48:19 | 000,211,340 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/02/07 14:02:49 | 000,024,226 | ---- | C] () -- C:\Users\Tim\AppData\Roaming\UserTile.png
[2009/08/18 16:59:39 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/18 16:59:25 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/08/18 16:59:10 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/31 15:59:48 | 000,008,704 | ---- | C] () -- C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/11 20:40:52 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/06/11 20:40:47 | 000,118,784 | ---- | C] () -- C:\Windows\SeaMonkeyUninstall.exe
[2009/06/11 20:40:42 | 000,118,784 | ---- | C] () -- C:\Windows\GREUninstall.exe
[2009/06/11 20:40:41 | 000,008,839 | ---- | C] () -- C:\Windows\mozver.dat
[2009/04/03 17:52:54 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/03/13 17:56:02 | 000,397,312 | R--- | C] () -- C:\Windows\SysWow64\zshp1020.exe
[2009/03/13 17:56:02 | 000,106,496 | R--- | C] () -- C:\Windows\SysWow64\vshp1020.dll
[2009/02/18 10:20:26 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/02/04 17:00:47 | 000,000,226 | ---- | C] () -- C:\Users\Tim\AppData\Roaming\wklnhst.dat
[2009/02/04 13:43:57 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2008/09/03 08:50:23 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008/09/03 08:24:19 | 000,779,024 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/08/20 16:39:48 | 000,113,051 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/08/20 16:39:10 | 000,113,051 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/08/20 16:02:52 | 000,001,076 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/01/20 21:49:10 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== Custom Scans ==========


< dnsNSP.dll/md5stop >
Invalid Switch: md5stop


< End of report >
  • 0

#100
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
Forgot about Avast's sandbox.


Click on the Avast ball. Then click on Additional Protections then on AutoSandbox then on Settings then uncheck Enable AutoSandbox. OK

You don't need to turn Avast off with OTL but it will run faster if you do.

Right click on the Avast Ball and select Avast! Shields Control and Disable for 1 hour.

Ron
  • 0

Advertisements


#101
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
Here's the Extras file


OTL Extras logfile created on: 10/11/2011 07:59:18 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Tim\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 51.70% Memory free
8.13 Gb Paging File | 5.94 Gb Available in Paging File | 73.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 108.18 Gb Total Space | 16.74 Gb Free Space | 15.47% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 406.35 Gb Free Space | 87.25% Space Free | Partition Type: NTFS
Drive H: | 250.61 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TIM-PC | User Name: Tim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01 [binary data]
"VistaSp2" = C3 41 B2 C9 A2 68 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A6542EA-C236-46A2-BDC0-DAF9D41C507E}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{19FAA935-9B3D-44BC-B2D8-010F3CE55F84}" = rport=138 | protocol=17 | dir=out | app=system |
"{1AAAE430-7C02-4747-87F3-24A144983237}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{2013899E-9EB9-4078-AD33-EDE859C19ED3}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{21ED4E7F-E2DB-4C56-8934-74222F9105E3}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{27F87E52-1BFF-4CDA-A5C7-5268232CE1E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33CB7420-A6ED-4337-B6FA-81A6474B73DB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3DA9E6E7-42A2-4247-952D-DEC80F39005F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4895CB14-2DFD-4D28-9AE3-5B8E817C3DA8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4B80D2F7-CC2D-4A27-81A1-BFFB0E8FCF58}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4FE82F70-E87C-41E5-8757-0B695F825525}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{51B8C9C6-AD20-4103-833D-8AC4F2685783}" = lport=137 | protocol=17 | dir=in | app=system |
"{59343717-8741-45CC-AEB2-AB43E16AC6A6}" = lport=138 | protocol=17 | dir=in | app=system |
"{5AAB6D1A-17AD-4C68-BB88-F6062BAE5D27}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{5CBA5DB4-AC28-4489-9EB1-FC70EC14A2C6}" = rport=445 | protocol=6 | dir=out | app=system |
"{65EEC2C2-6C5F-4A20-B85D-39E96B232E5A}" = lport=139 | protocol=6 | dir=in | app=system |
"{6674AB1D-9FCC-4E32-99B4-0D113F5AF375}" = rport=137 | protocol=17 | dir=out | app=system |
"{67A3DA8F-342F-46C9-8008-D63562982709}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{712484A1-02FB-44AC-9FE9-D69FBDC3C854}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{738F1E7C-BAE7-48B1-8AF1-4F9843483B6F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{827A68D8-BBB1-4AC0-9254-7CD2189EF2F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{84C945AF-A307-4447-8CCB-56F8A1C58A5D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8D7535CA-243C-4471-B769-75EB3173FEF9}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{A1411F3D-26DE-4B87-9B8B-AF329DFB91B3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B100EF37-506A-4BE1-BAF7-6B15BB9F0ACC}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B3CEB5F1-71CE-49B4-A245-AFBB5FFCB807}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B57B5DC5-5419-453B-87E0-3AD37A83A453}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B8F41A1B-E067-4ED7-A3E0-90EEA6FA11EA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B9479E84-7250-41BF-97EB-0A4C700A83B0}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{C22705DB-1721-4DF1-85AE-19BD5E5C6495}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C6995374-86A3-4EBD-8262-45D8AB49E7C3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C77D5BCE-3DDF-4D4C-BFD8-C5B0B355628F}" = lport=445 | protocol=6 | dir=in | app=system |
"{C7E105C6-D68D-47EB-B39A-86BD7C4823B2}" = rport=139 | protocol=6 | dir=out | app=system |
"{CEBBC3FB-FF02-4FBA-BF91-F897909E0B63}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D3C1A44F-57C3-4B6B-9DB0-319F5CE73513}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE9D67D7-444E-47C1-B0AE-9E693380BF15}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DF3F8F05-D5B4-47E5-8F35-AE51C4C5C24A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0A60A8E-CF2C-42CA-8826-20282B30FF20}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F069370D-9FD1-4EFE-88A7-8E85CAD51D70}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{F4B63978-0F1F-4936-BCEC-C151A4B34322}" = lport=3389 | protocol=6 | dir=in | app=system |
"{FA084C43-8E8D-45BE-A744-A6F9AC2DE372}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02522027-B1FC-4296-9FDF-BF992F98E2FC}" = protocol=6 | dir=in | app=c:\users\tim\appdata\local\temp\7zs4818.tmp\symnrt.exe |
"{065BE00A-DE4A-42D7-B855-F641E077E5FC}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{0853D5C6-7604-45D8-B4A9-A2928C2F8BBC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0F059C2C-84C0-4587-B51C-2AF7FC49865A}" = protocol=1 | dir=out | [email protected],-28544 |
"{0F1FCC04-9C64-4693-886D-A9FEFDFFFDCC}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark s300-s400 series\lxeafax.exe |
"{1376730D-A7D6-43B4-A8BF-1D2F1B2ED740}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{1E713576-061B-4249-852E-3E4BB7AFD130}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio media plus\vmp.exe |
"{1EF61D39-C314-44DF-B44D-48F0FD76278E}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{24094273-82F1-4E16-9FAD-9073C4002CE3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{240D33CA-2671-453A-A114-DFAB4305E744}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{24B020C1-D512-4E8E-B8E2-AC61923FE95E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2698D81E-1A30-4FF8-B2EB-68D72A078CF5}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{26AEBA0D-FBA9-4D1A-A241-1A2557A66258}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{2A066B28-5A06-468F-A684-16F1C06EBA16}" = protocol=58 | dir=out | [email protected],-28546 |
"{359B9F86-286B-4A26-952F-1D47E01DC292}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3ABABC4E-8773-4EA3-8F2E-59668723628F}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{3D195EBB-8BEC-4ADD-818E-FE2617CDCBEC}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{3ED91C01-19BB-43FE-B51E-750EC0265650}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{499E857D-558D-46D0-8079-A97F74C3D818}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{4B743AB1-45EA-4005-8428-DB41D7A1012A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C313AAF-BC55-46EC-9D27-1ABF0A49A511}" = protocol=17 | dir=in | app=c:\windows\system32\dlbkcoms.exe |
"{505C5579-389F-4E8A-9D79-96D78003AD0F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{517165F8-752C-4BD6-B267-68DEC92E083B}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{51F3F04D-AF88-4947-B4AC-CA98EF5F4069}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{526B45B2-591C-4410-AC18-C5C8DC3BB608}" = protocol=17 | dir=in | app=c:\users\tim\appdata\local\temp\7zs4818.tmp\symnrt.exe |
"{52EEC3BE-9436-4A71-A80C-27526E9EFE03}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5326E781-EBFB-434C-BFC0-19A9D1DB9E91}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohcimp.exe |
"{5ABA11CA-C448-4F17-9109-A91E9EA812C5}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe |
"{5CF60E97-5C81-415C-BC60-E1D6C1F54318}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E5604B5-27A9-4C96-89FB-28E904096647}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5E7681E9-9CC8-4817-B344-85586E29DCA8}" = protocol=6 | dir=in | app=d:\frostwire\frostwire.exe |
"{60675F3E-FDBF-4002-BA08-00BEA1A6FC61}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark s300-s400 series\lxeafax.exe |
"{60DB9D01-D0AC-4840-BD5D-8971EC69606E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63FC98E7-B156-486E-A5FC-EA0FB9C06C3C}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{65F04825-DFDF-4C76-9B1E-8F040CEE3BE8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6B1F72D5-4640-48ED-A674-0C33DABDF78B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{7061BF36-F96A-4E0D-BBA2-86612CA55C07}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio media plus\vmp.exe |
"{71DF8BD8-52C2-4518-9DDC-0BA81BFE0DC7}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{76BABC28-43F7-413A-929B-848D6EF94D8A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7B4184A1-D6CA-445A-AC01-73083E789183}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7D4DE55D-80CB-4A9C-8320-BC819C5165B6}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{7F56BD7D-F9CF-40A9-93ED-E54895E9C879}" = protocol=1 | dir=in | [email protected],-28543 |
"{858F155E-1AB6-463A-A321-43DC85E712CF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{863D3E98-581C-4C1E-8C13-56B4CF690371}" = protocol=58 | dir=in | [email protected],-28545 |
"{86E6450D-A996-4930-B4CD-37AB3F0D65CF}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{8A82E588-7FD5-43DB-82BC-F62EF2CE4A3D}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohdms.exe |
"{8B76DF73-8ED5-426D-AFA5-E0DAB70E5161}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{8B7CF56C-D90A-4465-B70D-9561E05A3283}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohdms.exe |
"{8DCBE253-F94A-426E-BC58-E4208CC2D2DE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe |
"{94417C53-0D84-46E0-8520-DC3832F77487}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{949E560D-4CA0-481E-AEBF-21D911820B3F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{9602395C-0D7D-4359-B2E4-D03E4A5063B6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{98F7A6FF-B69F-4D32-A422-6E95266E8320}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9BE3AD68-54BE-4281-93CD-B2E594E12935}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{AAF4B738-1058-4E90-AC23-DD004F7CC5D5}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{AF43A0B0-3D06-455C-B806-F620DBB09DF6}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{B68CCA07-2F72-4A96-8E4E-9F4CD2206EC0}" = dir=in | app=d:\joans itunes\itunes.exe |
"{C8B392AC-F2A9-4285-A73E-354E6899B89A}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohds.exe |
"{CA959F5B-D8D7-43B9-B887-5B5942EB3022}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CE8EF11E-5883-4AFC-8234-414E10D67F22}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8F49A58-3E36-46BE-86B7-94A2DF0C3983}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohcimp.exe |
"{DDCA7DAF-ED20-4ABE-86CA-E2245C93877E}" = protocol=17 | dir=in | app=d:\frostwire\frostwire.exe |
"{E14E5D7A-9971-4876-80F0-70FAF00C1C92}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E1C6235C-26CC-496F-BAC1-57122295861A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E1FE5CE1-CE83-44F4-A09D-A4E3E04494BC}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohds.exe |
"{E3042E8E-6AC6-4550-9730-950F3CDCFDCC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{E47ABE61-9AC7-456E-85C7-E14FFB64EC7D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E9984B18-D2CA-472C-821C-86190D6D3B65}" = protocol=6 | dir=in | app=c:\windows\system32\dlbkcoms.exe |
"{EF62CE2A-E214-4DAE-9620-37AC7FC71A8C}" = protocol=6 | dir=out | app=system |
"{FE0412C3-C0AA-4414-8B70-4439E23675B6}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"TCP Query User{1705D028-CDEA-4558-9454-407BD859BF98}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{2959C062-9B07-44FB-9C8E-9F38B7F4CEB4}C:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe |
"TCP Query User{33E528A4-146C-4E9B-ABA7-79B965F0FD28}C:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe |
"TCP Query User{3E34D1C6-EF0E-40C0-BCF7-765ABAE78C28}C:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe |
"TCP Query User{4BD166A6-D57E-4B2F-A206-B037C91ECC95}C:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe |
"TCP Query User{54422DEF-8A29-44ED-B203-73B305F7BC52}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{565F9A4A-5925-47D3-ADCA-0E15D5329781}C:\windows\syswow64\msiexec.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"TCP Query User{615711F8-464F-478B-89A6-2C5389C8B462}C:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe |
"TCP Query User{729AFA2C-9B96-4E52-AF34-946B83787BBA}C:\program files (x86)\look@lan\lookatlan.exe" = protocol=6 | dir=in | app=c:\program files (x86)\look@lan\lookatlan.exe |
"TCP Query User{79947826-42AB-4D55-8038-37379B611795}C:\program files (x86)\macromedia\dreamweaver mx 2004\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\macromedia\dreamweaver mx 2004\dreamweaver.exe |
"TCP Query User{84009FC0-5C6E-4327-829E-AC99E1CC1BD5}C:\program files (x86)\ws_ftp pro\wsftppro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ws_ftp pro\wsftppro.exe |
"TCP Query User{96F0A75E-6943-4FDA-8744-F2A9A4D039D1}C:\users\tim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\tim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"TCP Query User{A072C793-2986-4F3C-B916-AA65BF802BC6}C:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe |
"TCP Query User{A13F71F2-2EE1-4776-B1A4-CA47BC3173C5}C:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe |
"TCP Query User{B5299967-5E93-4676-9345-4BE9EFB19B5B}C:\program files (x86)\look@lan\lookathost.exe" = protocol=6 | dir=in | app=c:\program files (x86)\look@lan\lookathost.exe |
"TCP Query User{CC281841-D5A2-4C4D-A8BF-8E5BD2628FBF}C:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe |
"TCP Query User{F2B2B188-0D0A-468C-A28F-F3611E44A759}C:\program files (x86)\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"TCP Query User{F2E46F14-3FE8-4EA4-A315-94BB6DF18C84}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{F3CB22C6-A82F-4991-9B80-23FF6301431D}C:\windows\syswow64\msiexec.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"UDP Query User{153C3630-6ED5-48FC-B39C-D90A31324ABA}C:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe |
"UDP Query User{166CEBCC-8B8C-40F1-8C2A-81541C49B465}C:\windows\syswow64\msiexec.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"UDP Query User{1C232EA2-AEE4-410F-A9D8-7E4E9CF55B35}C:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe |
"UDP Query User{1DC7AD79-D164-435F-8DAF-AD6421D29DB1}C:\program files (x86)\look@lan\lookathost.exe" = protocol=17 | dir=in | app=c:\program files (x86)\look@lan\lookathost.exe |
"UDP Query User{3C2A4F0B-E1D3-4096-BDE4-FB85A8EE538C}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
"UDP Query User{3F09B335-C9B4-4BED-9593-8512B96AC2F9}C:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe |
"UDP Query User{4D912F0D-8FD6-4204-8396-6B82D8C9994C}C:\program files (x86)\macromedia\dreamweaver mx 2004\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\macromedia\dreamweaver mx 2004\dreamweaver.exe |
"UDP Query User{63936F24-3200-422F-B6D0-FACC985C7CA7}C:\program files (x86)\ws_ftp pro\wsftppro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ws_ftp pro\wsftppro.exe |
"UDP Query User{7635DAB8-BDAB-43AB-89FC-40E467AE152D}C:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe |
"UDP Query User{7CCA57AD-9987-4F81-8A39-E86EC52019B6}C:\program files (x86)\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"UDP Query User{88F14496-D947-4814-9A08-25059705AE30}C:\windows\syswow64\msiexec.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"UDP Query User{915C4D00-2B08-46BA-AF10-6D224C8309AD}C:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe |
"UDP Query User{B820F5D5-3D78-4B73-8907-61C98499C46B}C:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe |
"UDP Query User{BA051897-7571-4DA3-9057-F6661A4A2143}C:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe |
"UDP Query User{C3569C86-72C6-4B4E-841B-CB1284FCBB04}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{C50848C0-3FF1-4319-BF11-90254BA5C082}C:\program files (x86)\look@lan\lookatlan.exe" = protocol=17 | dir=in | app=c:\program files (x86)\look@lan\lookatlan.exe |
"UDP Query User{C67AE0D8-1C33-4DF7-9E78-492B1C19C7EA}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{CD1F634B-223F-42EE-8378-CCD3234FA223}C:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe |
"UDP Query User{FC16D2FC-21D4-4895-9135-07A80A4C940E}C:\users\tim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\tim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{151CB4B7-FC63-4C72-8A21-5E87EB419DBB}" = Protector Suite QL 5.6
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel® PROSet/Wireless WiFi Software
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}" = Regi
"{704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}" = PlayReady PC runtime
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center
"{E464702F-5433-46EC-8F65-159276C0A54F}" = WIDCOMM Bluetooth Software 6.2.0.4500
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Garritan Instruments for Finale 2009_is1" = Garritan Instruments for Finale 2009
"Lexmark S300-S400 Series" = Lexmark S300-S400 Series
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15210C5B-9E04-4BF7-B019-AE958F238333}" = Roxio Easy VHS to DVD
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE and Welcome Center
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java™ 6 Update 27
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2B27EB8B-3AA6-438F-BCB0-719CE2C52E32}" = VAIO Content Metadata XML Interface Library
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite
"{363611D9-1106-41F2-B74E-BD8481C41219}" = Click to Disc
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{4314FCA1-7D0D-45E7-B115-C142466BC60A}" = VAIO Content Metadata Manager Setting
"{44B23220-E68E-4FBC-B02C-1A89AC0C8C5F}" = Roxio CinePlayer Decoder Pack
"{472080B7-D6E7-49E8-9383-FF136B8A8C34}" = JMicron JMB368 ExpressCard CF Adapter
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DC49A9A-6DD0-40D2-A851-527764DA8379}" = Adobe Setup
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Power Management
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}" = VAIO Content Metadata Intelligent Analyzing Manager
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EE2B-62BF-4DEB-B4AA-91456D245F47}" = Sibelius Scorch (Firefox, Opera, Netscape only)
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{73E81E9B-7319-43AD-B7CC-1C61405E5089}" = Adobe After Effects CS3 Template Projects & Footage
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects
"{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB
"{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8ECB8220-F419-4BEB-9596-97033C533702}" = QuickBooks Simple Start 2008
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_SMALLBUSINESSR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A552C4EA-D41E-4C61-A0FB-C0E05440F7D7}" = VAIO Entertainment Platform
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_946" = Adobe Acrobat 9.4.6 - CPSID_83708
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B513C7B0-024A-498F-B0F5-00C67E2440A9}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus
"{BCED773C-99EE-48DD-8915-25733F69F0A8}" = VAIO Wireless Wizard
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C0990649-FEC2-423A-8F37-A8952404E6CD}" = Roxio Easy VHS to DVD
"{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB8A8696-93EC-414E-A752-850AB133F68A}" = VAIO Content Metadata XML Interface Library
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer Media Center
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D47FE987-EA3D-424B-9886-B752501D7CE7}" = VAIO Help and Support
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data
"{DFD0E9A9-F24A-492B-8975-8C938E32408F}" = VAIO Startup Assistant
"{E09A5851-B293-465E-A9FE-DFC11E0F4586}" = VAIO Content Metadata Intelligent Analyzing Manager
"{E1D25278-B51A-4163-BC3D-20A4D2D09F98}" = VAIO My Memory Center
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EACCC991-8E8C-4397-8854-349506741FC9}" = FileMaker Pro 11
"{EACCC991-8E8C-4397-8854-349506741FC9}_FileMaker" = FileMaker Pro 11
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE59BBF9-415C-45DB-8C4B-EE43CF635FEA}" = VAIO Content Metadata XML Interface Library
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{FAE74C2C-298A-41BA-8BDB-F5A005F93278}" = Roxio Express Labeler
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD72E69E-CF34-4071-BFD6-FD081A365E2C}" = VAIO Content Metadata Intelligent Analyzing Manager
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FE697886-F392-4E0D-A0C0-47587BF60992}" = VAIO Content Metadata Manager Setting
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_915239ded2552e78978d0dbab7657a5" = Add or Remove Adobe Creative Suite 3 Master Collection
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"AVerMedia H826 series driver" = AVerMedia H826 series driver 1.0.64.88
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ESET Online Scanner" = ESET Online Scanner v3
"Finale 2009" = Finale 2009
"Google Updater" = Google Updater
"HP-LaserJet 1020 series" = LaserJet 1020 series
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer Media Center
"iPod to Computer Transfer" = iPod to Computer Transfer 4.8.2
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Magic DVD Copier_is1" = Magic DVD Copier Version 5.0.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"Opera 11.51.1087" = Opera 11.51
"PROPLUS" = Microsoft Office Professional Plus 2007
"SeaMonkey (1.1.16)" = SeaMonkey (1.1.16)
"SeaMonkey (2.0.6)" = SeaMonkey (2.0.6)
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"SoundTap" = SoundTap Streaming Audio Recorder
"Switch" = Switch Sound File Converter
"WavePad" = WavePad Sound Editor
"WS_FTP Pro" = Ipswitch WS_FTP Pro
"Yahoo! Messenger" = Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/11/2011 08:22:24 PM | Computer Name = Tim-PC | Source = SQLBrowser | ID = 5111819
Description = The SQLBrowser service encountered a critical failure.

Error - 10/11/2011 08:22:24 PM | Computer Name = Tim-PC | Source = SQLBrowser | ID = 5111818
Description = The SQLBrowser service was unable to establish SQL instance and connectivity
discovery.

Error - 10/11/2011 08:22:37 PM | Computer Name = Tim-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/11/2011 08:22:43 PM | Computer Name = Tim-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 10/11/2011 08:45:14 PM | Computer Name = Tim-PC | Source = SQLBrowser | ID = 5111819
Description = The SQLBrowser service encountered a critical failure.

Error - 10/11/2011 08:45:14 PM | Computer Name = Tim-PC | Source = SQLBrowser | ID = 5111818
Description = The SQLBrowser service was unable to establish SQL instance and connectivity
discovery.

Error - 10/11/2011 08:45:20 PM | Computer Name = Tim-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/11/2011 08:45:21 PM | Computer Name = Tim-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

[ Media Center Events ]
Error - 1/15/2011 11:17:30 AM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (5220.1129)

Error - 1/16/2011 04:03:30 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (5760.1128)

Error - 1/16/2011 04:03:30 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (5760.1129)

Error - 1/16/2011 04:03:59 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (5760.1128)

Error - 1/16/2011 04:03:59 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (5760.1129)

Error - 6/20/2011 04:28:04 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (1488.1128)

Error - 6/20/2011 04:28:04 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (1488.1129)

Error - 6/20/2011 04:28:33 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (1488.1128)

Error - 6/20/2011 04:28:33 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (1488.1129)

Error - 9/24/2011 09:57:11 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Failed to retrieve Directory (Error: The operation has timed out)
(7260.1114)

[ System Events ]
Error - 10/11/2011 08:21:40 PM | Computer Name = Tim-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\DMICall.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 10/11/2011 08:22:38 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 10/11/2011 08:22:38 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 10/11/2011 08:22:38 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/11/2011 08:22:38 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 10/11/2011 08:44:41 PM | Computer Name = Tim-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\DMICall.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 10/11/2011 08:45:20 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 10/11/2011 08:45:20 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 10/11/2011 08:45:20 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/11/2011 08:45:20 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0

#102
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
It didn't work for some reason. When you paste the copied text it should look just like it did on the website. IF it loses the line feeds it will all run together and won't work. I'll attach the file and perhaps it will work better. Download script.txt and then open it with notepad and it should copy and paste OK.


Don't forget the junk file from "netsh winsock show catalog > \junk.txt"

Ron
  • 0

#103
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
I wondered about that.... Sorry.

It is working properly through the download
  • 0

#104
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
OTL

OTL logfile created on: 10/11/2011 08:22:53 PM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Tim\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 47.59% Memory free
8.13 Gb Paging File | 5.69 Gb Available in Paging File | 69.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 108.18 Gb Total Space | 16.74 Gb Free Space | 15.47% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 406.35 Gb Free Space | 87.25% Space Free | Partition Type: NTFS
Drive H: | 250.61 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TIM-PC | User Name: Tim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/09 21:59:59 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Tim\Desktop\OTL.exe
PRC - [2011/09/06 15:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/19 01:07:38 | 000,421,736 | ---- | M] (Apple Inc.) -- D:\Joans Itunes\iTunesHelper.exe
PRC - [2011/01/23 20:08:55 | 000,148,280 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
PRC - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
PRC - [2010/09/22 18:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\SysWOW64\atashost.exe
PRC - [2008/10/17 07:34:39 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2008/07/28 19:45:42 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008/07/28 19:45:42 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008/07/21 15:10:06 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2008/06/21 03:53:53 | 000,679,936 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
PRC - [2008/06/20 10:56:44 | 000,415,744 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008/06/19 10:55:48 | 000,279,848 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2008/06/13 03:34:02 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2008/06/12 01:13:24 | 000,337,184 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2008/06/08 01:41:22 | 000,352,256 | ---- | M] (AVerMedia) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2008/05/24 21:01:16 | 000,086,016 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Media plus\VMpTtray.exe
PRC - [2008/05/22 16:23:10 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2008/05/20 21:05:40 | 000,353,568 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe
PRC - [2008/05/20 21:05:40 | 000,103,712 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe
PRC - [2008/05/20 21:05:40 | 000,062,752 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe
PRC - [2008/05/20 15:48:32 | 000,024,576 | ---- | M] (Sony Electronics, Inc.) -- C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
PRC - [2008/04/15 19:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 19:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/03 22:03:38 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2008/03/25 16:32:18 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
PRC - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/01/04 21:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/11 10:27:18 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll
MOD - [2011/08/11 10:26:59 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll
MOD - [2011/08/11 10:24:12 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll
MOD - [2011/06/22 03:25:46 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll
MOD - [2011/01/23 20:08:55 | 000,148,280 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
MOD - [2011/01/23 20:08:52 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
MOD - [2010/06/01 10:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2010/04/05 05:56:20 | 000,094,359 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epoemdll.dll
MOD - [2010/04/05 05:56:19 | 000,045,221 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll
MOD - [2010/04/05 05:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizres.dll
MOD - [2010/04/05 05:56:07 | 000,716,954 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epwizard.dll
MOD - [2010/04/05 05:55:15 | 000,159,890 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll
MOD - [2010/04/05 05:55:04 | 000,061,604 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\epfunct.dll
MOD - [2010/04/05 05:54:59 | 000,123,033 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\eputil.dll
MOD - [2010/04/05 05:54:52 | 000,143,502 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\imagutil.dll
MOD - [2010/04/01 12:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadrs.dll
MOD - [2010/04/01 12:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll
MOD - [2009/09/05 00:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/05/27 07:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll
MOD - [2009/04/07 14:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll
MOD - [2009/03/10 00:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll
MOD - [2009/03/02 09:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll
MOD - [2009/02/27 16:39:29 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
MOD - [2009/02/27 16:32:27 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA
MOD - [2009/02/20 03:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsmr.dll
MOD - [2009/02/20 03:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXEAsm.dll
MOD - [2008/07/28 19:45:44 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
MOD - [2008/06/13 03:34:02 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/04/14 15:45:36 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeacoms.exe -- (lxea_device)
SRV:64bit: - [2010/04/14 15:45:30 | 000,045,736 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxeaserv.exe -- (lxeaCATSCustConnectService)
SRV:64bit: - [2008/09/29 16:06:32 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector)
SRV:64bit: - [2008/08/06 20:06:48 | 000,407,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2008/06/12 01:13:24 | 000,337,184 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2008/06/12 01:10:46 | 000,107,808 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2008/04/30 22:20:42 | 001,371,136 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2008/04/30 21:42:20 | 000,826,368 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2008/04/25 07:08:03 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV:64bit: - [2008/01/20 21:50:23 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/01/20 21:46:39 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/06/25 22:17:18 | 000,567,024 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlbkcoms.exe -- (dlbk_device)
SRV - [2010/04/14 15:45:21 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxeacoms.exe -- (lxea_device)
SRV - [2010/02/19 07:44:44 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe -- (RoxMediaDBVHS)
SRV - [2009/11/03 16:54:41 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2008/10/17 07:34:39 | 000,409,600 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2008/07/28 19:45:42 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008/07/12 22:40:36 | 000,133,120 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService)
SRV - [2008/06/20 10:56:44 | 000,415,744 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2008/06/19 10:55:48 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008/06/08 01:41:22 | 000,352,256 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2008/05/22 16:23:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008/05/22 16:21:44 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008/05/20 21:05:40 | 000,353,568 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008/05/20 21:05:40 | 000,103,712 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008/05/20 21:05:40 | 000,062,752 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008/05/20 03:51:34 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2008/05/20 03:49:04 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2008/05/20 03:29:06 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2008/04/15 19:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/03/25 16:32:18 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/11/12 22:59:54 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2007/05/24 09:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/01/04 21:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/06 15:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/09/06 15:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/09/06 15:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/09/06 15:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/09/06 15:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/09/06 15:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/08/24 21:53:49 | 000,056,408 | ---- | M] (NCH Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stdriver64.sys -- (stdriver)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/09/26 16:45:28 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010/08/20 23:59:12 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/19 17:36:38 | 000,754,808 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2009/06/19 17:36:16 | 000,673,272 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2008/08/09 09:34:31 | 000,021,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2008/08/09 09:34:29 | 000,132,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2008/08/09 09:34:29 | 000,095,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2008/08/09 09:33:05 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2008/08/09 08:10:58 | 000,056,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/07/17 08:54:22 | 000,064,512 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2008/07/14 20:17:16 | 000,315,648 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVerFx2hbtv64.sys -- (AVerFx2hbtv64)
DRV:64bit: - [2008/07/11 22:32:13 | 001,027,968 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVerAVF2.sys -- (AVerAVF2)
DRV:64bit: - [2008/07/01 23:13:36 | 000,073,104 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\jmcr_cfs.sys -- (JMCR_CFS)
DRV:64bit: - [2008/06/25 07:33:12 | 000,085,504 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rimssn64.sys -- (rimsptsk)
DRV:64bit: - [2008/05/27 13:10:52 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wimfltr.sys -- (WimFltr)
DRV:64bit: - [2008/05/20 07:11:21 | 000,321,072 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/05/16 12:38:11 | 000,062,480 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tcusb.sys -- (TcUsb)
DRV:64bit: - [2008/04/29 07:06:57 | 000,388,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/04/28 08:38:12 | 004,730,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/04/25 07:08:09 | 000,391,680 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/25 07:08:03 | 000,009,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2008/04/25 07:07:54 | 001,511,936 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/04/25 07:07:54 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2008/04/25 07:07:49 | 000,731,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/04/25 07:07:49 | 000,300,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/03/10 05:45:53 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SFEP.sys -- (SFEP)
DRV:64bit: - [2008/01/30 19:33:30 | 000,019,456 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008/01/20 21:46:34 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\avc.sys -- (Avc)
DRV:64bit: - [2008/01/20 21:46:34 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 21:46:05 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 21:46:05 | 000,058,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\61883.sys -- (61883)
DRV:64bit: - [2008/01/20 21:46:02 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/04/16 22:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2008/07/11 18:42:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\DMICall.sys -- (DMICall)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.atssb.org/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Joans Itunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/10/11 16:51:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/11 15:37:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/10 14:39:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.16\Extensions\\Components: C:\Program Files (x86)\mozilla.org\SeaMonkey\Components [2011/09/30 16:17:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.16\Extensions\\Plugins: C:\Program Files (x86)\mozilla.org\SeaMonkey\Plugins [2011/09/30 16:17:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.0.6\extensions\\Components: C:\Program Files (x86)\SeaMonkey\components [2011/09/30 16:17:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.0.6\extensions\\Plugins: C:\Program Files (x86)\SeaMonkey\plugins [2011/09/30 16:17:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.16\Extensions\\Components: C:\Program Files (x86)\mozilla.org\SeaMonkey\Components [2011/09/30 16:17:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.16\Extensions\\Plugins: C:\Program Files (x86)\mozilla.org\SeaMonkey\Plugins [2011/09/30 16:17:33 | 000,000,000 | ---D | M]

[2011/10/10 18:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tim\AppData\Roaming\Mozilla\Extensions
[2011/10/10 18:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tim\AppData\Roaming\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2011/10/10 18:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tim\AppData\Roaming\Mozilla\SeaMonkey\Profiles\sf659vms.default\extensions
[2011/10/11 15:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/09/30 09:19:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/10/10 14:11:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/10/11 16:51:34 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/09/29 01:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/10 14:11:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/06/18 13:16:18 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll
[2009/06/18 13:36:06 | 000,108,272 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll
[2011/09/28 19:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/10/11 13:42:09 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxeamon.exe] C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe ()
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AML] C:\Program Files (x86)\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [iTunesHelper] D:\Joans Itunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Lexmark S300-S400 Series] C:\Program Files (x86)\Lexmark S300-S400 Series\fm3032.exe ()
O4 - HKLM..\Run: [VAIORegistration] C:\Program Files\Sony\First Experience\WelcomeLauncher.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe ()
O4 - HKLM..\Run: [VWLASU] C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe (Sony Electronics, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [VMpTtray.exe] C:\Program Files (x86)\Sony\VAIO Media plus\VMpTtray.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {615A1925-0E5B-4767-A65E-3165AEAC32A3} http://quickscan.bit...qsax/qsax64.cab (BitDefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7702BF8E-EF73-483D-A40E-5A2B1BD30996}: DhcpNameServer = 192.168.0.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB5C9DDC-490A-458A-B066-3F6C53B032A2}: DhcpNameServer = 192.168.0.1 192.168.2.1
O18:64bit: - Protocol\Handler\intu-help-qb1 - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\SysNative\vrlogon.dll (UPEK Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\psfus: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Program Files (x86)\Sony\First Experience\wallpapers\wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\Program Files (x86)\Sony\First Experience\wallpapers\wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/29 06:05:08 | 000,000,075 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.dvsd - C:\Program Files (x86)\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/10/11 19:41:31 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/10/11 16:51:54 | 000,301,912 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/10/11 16:51:54 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/10/11 16:51:54 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/10/11 16:51:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/10/11 16:51:53 | 000,601,944 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/10/11 16:51:53 | 000,058,200 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/10/11 16:51:30 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/10/11 16:51:29 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/10/11 16:32:07 | 000,254,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/10/11 16:32:07 | 000,065,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/10/11 16:31:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/10/11 16:31:26 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/10/11 16:11:58 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Tim\Desktop\dds.com
[2011/10/11 16:09:17 | 000,061,440 | ---- | C] ( ) -- C:\Users\Tim\Desktop\VEW.exe
[2011/10/11 15:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/10/11 15:30:47 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/11 13:25:24 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/10/11 13:25:24 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/10/11 13:25:24 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/10/11 13:25:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/10/10 21:28:38 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Opera
[2011/10/10 21:28:38 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\Opera
[2011/10/10 21:28:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2011/10/10 18:41:38 | 000,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2011/10/10 14:46:06 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\CrashDumps
[2011/10/10 14:12:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/10/10 14:11:27 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/10/10 14:11:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/10/10 14:11:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/10/10 11:36:43 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Tim\Desktop\aswMBR.exe
[2011/10/10 11:33:49 | 001,558,832 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tim\Desktop\tdsskiller(1).exe
[2011/10/10 11:28:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/10 11:28:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/10 11:24:30 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Tim\Desktop\mbam-setup-1.51.2.1300(1).exe
[2011/10/10 09:13:54 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/10/09 21:59:59 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Tim\Desktop\OTL.exe
[2011/10/09 18:13:34 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Local\NPE
[2011/10/09 14:32:28 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/10/09 14:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/10/09 14:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/10/09 12:52:10 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\QuickScan
[2011/10/09 09:25:19 | 000,000,000 | ---D | C] -- C:\found.000
[2011/10/07 09:34:20 | 000,055,384 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/10/07 09:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/10/07 08:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/09/30 16:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/09/30 16:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/09/30 16:26:14 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/09/30 16:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/09/30 14:36:15 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\AVG2012
[2011/09/30 14:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/09/30 13:03:06 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Intel
[2011/09/30 08:53:24 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
[2011/09/25 10:38:30 | 000,000,000 | ---D | C] -- C:\Update
[2011/09/25 09:48:20 | 000,000,000 | ---D | C] -- C:\Users\Tim\AppData\Roaming\Auslogics
[2011/09/19 14:07:33 | 000,108,032 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMFCA.DLL
[2011/09/19 14:07:33 | 000,081,408 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBFCA.DLL
[2011/09/19 14:01:16 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICSDK2.dll
[2011/09/19 14:01:16 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICSDK.dll
[2011/09/19 14:01:15 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\PICEntry.dll
[2011/09/19 14:01:15 | 000,051,360 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EpPicPrt.dll
[2011/09/19 14:01:15 | 000,051,360 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWow64\EpPicMgr.dll
[2011/09/19 14:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2011/09/19 13:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2011/07/22 15:26:43 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeapmui.dll
[2011/07/22 15:26:43 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeainpa.dll
[2011/07/22 15:26:43 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaiesc.dll
[2011/07/22 15:26:42 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaserv.dll
[2011/07/22 15:26:42 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeausb1.dll
[2011/07/22 15:26:42 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacomc.dll
[2011/07/22 15:26:42 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeahbn3.dll
[2011/07/22 15:26:42 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacoms.exe
[2011/07/22 15:26:42 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxealmpm.dll
[2011/07/22 15:26:42 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacfg.exe
[2011/07/22 15:26:42 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacomm.dll
[2011/07/22 15:26:42 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaih.exe
[2010/09/26 16:45:28 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Tim\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/10/11 20:09:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/10/11 19:50:28 | 000,760,648 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/11 19:50:28 | 000,645,296 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/11 19:50:28 | 000,119,716 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/11 19:49:06 | 000,113,051 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/10/11 19:44:55 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/11 19:44:55 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/11 19:44:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/11 19:41:54 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/10/11 19:22:54 | 000,113,051 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/10/11 16:51:54 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/10/11 16:51:53 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/10/11 16:40:29 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/10/11 16:11:48 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Tim\Desktop\dds.com
[2011/10/11 16:09:03 | 000,061,440 | ---- | M] ( ) -- C:\Users\Tim\Desktop\VEW.exe
[2011/10/11 15:37:33 | 000,000,912 | ---- | M] () -- C:\Users\Tim\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/11 15:37:33 | 000,000,888 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/11 13:58:54 | 000,000,501 | ---- | M] () -- C:\Users\Tim\Desktop\ComboFix.exe - Shortcut.lnk
[2011/10/11 13:42:09 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/10/11 12:47:42 | 002,448,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/11 12:31:51 | 000,002,675 | ---- | M] () -- C:\Users\Tim\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007 (2).lnk
[2011/10/11 09:00:13 | 000,000,008 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/10/10 21:28:26 | 000,001,692 | ---- | M] () -- C:\Users\Tim\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/10/10 21:28:26 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/10/10 20:46:56 | 008,892,928 | ---- | M] () -- C:\ProgramData\atscie.msi
[2011/10/10 18:42:18 | 000,779,024 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/10 14:11:02 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/10/10 14:11:02 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/10/10 14:11:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/10/10 14:11:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/10/10 11:41:57 | 000,000,512 | ---- | M] () -- C:\Users\Tim\Desktop\MBR.dat
[2011/10/10 11:39:23 | 710,079,385 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/10 11:36:57 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Tim\Desktop\aswMBR.exe
[2011/10/10 11:33:24 | 001,558,832 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tim\Desktop\tdsskiller(1).exe
[2011/10/10 11:28:40 | 000,000,570 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/10 11:23:56 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Tim\Desktop\mbam-setup-1.51.2.1300(1).exe
[2011/10/09 21:59:59 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Tim\Desktop\OTL.exe
[2011/10/07 09:33:48 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/10/07 08:41:37 | 000,002,549 | ---- | M] () -- C:\Users\Tim\Desktop\HiJackThis.lnk
[2011/10/07 08:34:36 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/10/04 14:39:48 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/10/04 09:31:54 | 000,017,408 | ---- | M] () -- C:\Users\Tim\AppData\Local\WebpageIcons.db
[2011/09/30 16:28:20 | 000,001,412 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/09/30 16:16:59 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/09/25 09:52:17 | 000,516,921 | ---- | M] () -- C:\test.xml
[2011/09/25 09:32:33 | 000,000,040 | ---- | M] () -- C:\Users\Public\Documents\_rgpl
[2011/09/19 22:04:49 | 000,000,680 | ---- | M] () -- C:\Users\Tim\AppData\Local\d3d9caps.dat

========== Files Created - No Company Name ==========

[2011/10/11 16:51:54 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/10/11 16:32:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011/10/11 15:37:33 | 000,000,912 | ---- | C] () -- C:\Users\Tim\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/11 15:37:33 | 000,000,900 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/10/11 15:37:33 | 000,000,888 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/11 13:58:54 | 000,000,501 | ---- | C] () -- C:\Users\Tim\Desktop\ComboFix.exe - Shortcut.lnk
[2011/10/11 13:25:24 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/10/11 13:25:24 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/10/11 13:25:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/10/11 13:25:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/10/11 13:25:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/10/10 21:28:26 | 000,001,692 | ---- | C] () -- C:\Users\Tim\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/10/10 21:28:26 | 000,001,680 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011/10/10 21:28:26 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011/10/10 18:42:24 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/10/10 11:41:57 | 000,000,512 | ---- | C] () -- C:\Users\Tim\Desktop\MBR.dat
[2011/10/10 11:39:23 | 710,079,385 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/10/10 11:28:40 | 000,000,570 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/07 08:34:36 | 000,025,160 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro35.sys
[2011/10/04 09:31:53 | 000,017,408 | ---- | C] () -- C:\Users\Tim\AppData\Local\WebpageIcons.db
[2011/09/30 16:28:20 | 000,001,412 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/09/30 16:16:59 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/09/25 09:52:15 | 000,516,921 | ---- | C] () -- C:\test.xml
[2011/09/25 09:32:33 | 000,000,040 | ---- | C] () -- C:\Users\Public\Documents\_rgpl
[2011/09/19 14:01:16 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/09/19 14:01:15 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/09/19 14:01:15 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011/09/19 14:01:15 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011/09/19 14:01:15 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011/09/19 14:01:15 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011/09/19 14:01:15 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011/09/19 14:01:15 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011/09/19 14:01:15 | 000,012,669 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_EN.cfg
[2011/09/19 14:01:15 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011/09/19 14:01:15 | 000,006,478 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_PT.cfg
[2011/09/19 14:01:15 | 000,006,478 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_BP.cfg
[2011/09/19 14:01:15 | 000,006,366 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_FR.cfg
[2011/09/19 14:01:15 | 000,006,366 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_CF.cfg
[2011/09/19 14:01:15 | 000,006,226 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_ES.cfg
[2011/09/19 14:01:15 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011/09/19 14:01:15 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/09/19 14:01:15 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/09/19 14:01:15 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/09/19 14:01:15 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/09/19 14:01:15 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/09/19 14:01:15 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/07/22 15:26:43 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\LXEAinst.dll
[2011/07/22 15:26:43 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeacomx.dll
[2011/07/22 15:26:43 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxeains.dll
[2011/07/22 15:26:43 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxeainsb.dll
[2011/07/22 15:26:43 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\lxeainsr.dll
[2011/07/22 15:26:43 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxeajswr.dll
[2011/07/22 15:26:43 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeacur.dll
[2011/07/22 15:26:42 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeacu.dll
[2011/07/22 15:26:42 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeacub.dll
[2011/07/22 15:17:33 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEAsm.dll
[2011/07/22 15:17:33 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\LXEAsmr.dll
[2011/03/05 14:53:58 | 000,000,000 | ---- | C] () -- C:\Users\Tim\AppData\Local\rx_image32.Cache
[2011/01/04 22:15:37 | 000,000,238 | ---- | C] () -- C:\Windows\dellstat.ini
[2010/12/24 12:06:27 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2010/11/30 20:19:28 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.dll
[2010/11/30 20:19:28 | 000,003,456 | ---- | C] () -- C:\Windows\SysWow64\AVerIO.sys
[2010/11/30 20:19:27 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\sptlib03.dll
[2010/11/30 20:19:27 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\sptlib01.dll
[2010/11/30 20:19:27 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\sptlib02.dll
[2010/11/18 20:50:43 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/10/22 16:34:38 | 000,000,103 | ---- | C] () -- C:\Windows\SysWow64\hptrace.ini
[2010/10/22 16:33:46 | 000,007,138 | ---- | C] () -- C:\Windows\hpdj5800.ini
[2010/09/26 16:45:28 | 000,007,859 | ---- | C] () -- C:\Users\Tim\AppData\Roaming\pcouffin.cat
[2010/09/26 16:45:28 | 000,001,167 | ---- | C] () -- C:\Users\Tim\AppData\Roaming\pcouffin.inf
[2010/07/15 13:12:04 | 000,000,680 | ---- | C] () -- C:\Users\Tim\AppData\Local\d3d9caps.dat
[2010/04/17 10:48:19 | 000,211,340 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/02/07 14:02:49 | 000,024,226 | ---- | C] () -- C:\Users\Tim\AppData\Roaming\UserTile.png
[2009/08/18 16:59:39 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/18 16:59:25 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/08/18 16:59:10 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/31 15:59:48 | 000,008,704 | ---- | C] () -- C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/11 20:40:52 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/06/11 20:40:47 | 000,118,784 | ---- | C] () -- C:\Windows\SeaMonkeyUninstall.exe
[2009/06/11 20:40:42 | 000,118,784 | ---- | C] () -- C:\Windows\GREUninstall.exe
[2009/06/11 20:40:41 | 000,008,839 | ---- | C] () -- C:\Windows\mozver.dat
[2009/04/03 17:52:54 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/03/13 17:56:02 | 000,397,312 | R--- | C] () -- C:\Windows\SysWow64\zshp1020.exe
[2009/03/13 17:56:02 | 000,106,496 | R--- | C] () -- C:\Windows\SysWow64\vshp1020.dll
[2009/02/18 10:20:26 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/02/04 17:00:47 | 000,000,226 | ---- | C] () -- C:\Users\Tim\AppData\Roaming\wklnhst.dat
[2009/02/04 13:43:57 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2008/09/03 08:50:23 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008/09/03 08:24:19 | 000,779,024 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/08/20 16:39:48 | 000,113,051 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/08/20 16:39:10 | 000,113,051 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/08/20 16:02:52 | 000,001,076 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/01/20 21:49:10 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2011/10/10 10:13:36 | 000,004,893 | ---- | M] () -- C:\aaw7boot.log
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/08/20 16:37:10 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/10/11 14:36:39 | 000,023,019 | ---- | M] () -- C:\ComboFix.txt
[2011/07/24 13:10:01 | 000,000,249 | ---- | M] () -- C:\faxfile.log
[2008/09/03 08:41:32 | 000,000,188 | ---- | M] () -- C:\Installer_Setup.log
[2011/10/11 19:44:44 | 279,064,575 | -HS- | M] () -- C:\pagefile.sys
[2011/10/11 16:21:57 | 000,077,208 | ---- | M] () -- C:\TDSSKiller.2.6.7.0_11.10.2011_16.19.57_log.txt
[2011/09/25 09:52:17 | 000,516,921 | ---- | M] () -- C:\test.xml
[2009/02/18 10:14:04 | 000,000,065 | -H-- | M] () -- C:\TrackitAudit.id
[2008/09/03 08:36:06 | 000,392,734 | ---- | M] () -- C:\vcredist_x86.log
[2011/10/11 19:28:25 | 000,001,392 | ---- | M] () -- C:\VEW.txt
[2010/11/08 17:42:56 | 000,003,984 | ---- | M] () -- C:\WirelessDiagLog.csv

< %systemroot%\Fonts\*.com >
[2006/11/02 10:05:44 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 10:05:44 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 10:05:44 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/11/18 17:49:28 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2005/03/18 06:18:56 | 000,049,152 | R--- | M] (Zenographics, Inc.) -- C:\Windows\system32\spool\prtprocs\w32x86\IMFPRINT.DLL

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011/09/06 15:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/20 22:21:14 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >


< MD5 for: CONNECT.DLL >
[2008/10/21 00:25:17 | 001,645,568 | ---- | M] (Microsoft Corporation) MD5=1C560CA4FBE7675D044273C6B69F3DC1 -- C:\Windows\winsxs\x86_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6001.18159_none_64e182cb96dae69e\connect.dll
[2008/10/21 00:16:20 | 001,645,568 | ---- | M] (Microsoft Corporation) MD5=234400AD69C09B878D65E7385C9EA63A -- C:\Windows\winsxs\x86_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6000.16766_none_62ed735b99bf2599\connect.dll
[2008/10/21 00:37:33 | 001,691,648 | ---- | M] (Microsoft Corporation) MD5=312BD4704112CA00F192706555C836E6 -- C:\Windows\winsxs\amd64_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6000.16766_none_bf0c0edf521c96cf\connect.dll
[2009/04/11 01:28:18 | 001,645,568 | ---- | M] (Microsoft Corporation) MD5=36509ECC02172D09507A16FAD12C566F -- C:\Windows\SysWOW64\connect.dll
[2009/04/11 01:28:18 | 001,645,568 | ---- | M] (Microsoft Corporation) MD5=36509ECC02172D09507A16FAD12C566F -- C:\Windows\winsxs\x86_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6002.18005_none_66fa06f393dc44ff\connect.dll
[2008/10/21 00:21:42 | 001,645,568 | ---- | M] (Microsoft Corporation) MD5=5AE97043F91FAEDA8985C1561CC3EB4D -- C:\Windows\winsxs\x86_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6001.22291_none_6537dd96b0202b74\connect.dll
[2009/04/11 02:11:14 | 001,691,648 | ---- | M] (Microsoft Corporation) MD5=A322BB42609E9D728C9440FB2685F04D -- C:\Windows\SysNative\connect.dll
[2009/04/11 02:11:14 | 001,691,648 | ---- | M] (Microsoft Corporation) MD5=A322BB42609E9D728C9440FB2685F04D -- C:\Windows\winsxs\amd64_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6002.18005_none_c318a2774c39b635\connect.dll
[2008/10/21 00:30:44 | 001,691,136 | ---- | M] (Microsoft Corporation) MD5=BD6503E83B592850F16B1CE82FAF33A8 -- C:\Windows\winsxs\amd64_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6000.20940_none_bfa54bac6b2f63d4\connect.dll
[2008/10/21 01:26:26 | 001,691,648 | ---- | M] (Microsoft Corporation) MD5=BFAAB2FE4DF6A35F12178853784761EA -- C:\Windows\winsxs\amd64_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6001.22291_none_c156791a687d9caa\connect.dll
[2008/01/20 21:48:11 | 001,691,136 | ---- | M] (Microsoft Corporation) MD5=CD27BEE7657BC7F5AB21DC4A66DCD2BF -- C:\Windows\winsxs\amd64_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6001.18000_none_c12d296b4f17eae9\connect.dll
[2008/10/21 00:06:53 | 001,645,568 | ---- | M] (Microsoft Corporation) MD5=E1742674170F9566321C9AFBC2D22527 -- C:\Windows\winsxs\x86_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6000.20940_none_6386b028b2d1f29e\connect.dll
[2008/01/20 21:48:59 | 001,645,568 | ---- | M] (Microsoft Corporation) MD5=EBAC4F3E45CC12F6433ED658C1853105 -- C:\Windows\winsxs\x86_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6001.18000_none_650e8de796ba79b3\connect.dll
[2008/10/21 00:49:01 | 001,691,648 | ---- | M] (Microsoft Corporation) MD5=F542132CCCC6C9B47C0207411B8E3014 -- C:\Windows\winsxs\amd64_microsoft-windows-getconnectedwizards_31bf3856ad364e35_6.0.6001.18159_none_c1001e4f4f3857d4\connect.dll

< MD5 for: DMICALL.SYS >
[2008/07/11 18:42:58 | 000,010,216 | ---- | M] (Sony Corporation) MD5=F206E28ED74C491FD5D7C0A1119CE37F -- C:\Windows\SysWOW64\drivers\DMICall.sys

< MD5 for: MSWSOCK.DLL >
[2008/01/20 21:49:59 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=66306D7E90650EBE667811C1AF010BAC -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_1471f289e5a92fc4\mswsock.dll
[2009/04/11 01:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\ERDNT\cache86\mswsock.dll
[2009/04/11 01:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\SysWOW64\mswsock.dll
[2009/04/11 01:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[2008/01/20 21:47:46 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
[2009/04/11 02:11:16 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=BB08D93011B82883EC33C7707A9627BE -- C:\Windows\ERDNT\cache64\mswsock.dll
[2009/04/11 02:11:16 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=BB08D93011B82883EC33C7707A9627BE -- C:\Windows\SysNative\mswsock.dll
[2009/04/11 02:11:16 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=BB08D93011B82883EC33C7707A9627BE -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_165d6b95e2cafb10\mswsock.dll

< MD5 for: NETCFGX.DLL >
[2008/01/20 21:47:35 | 000,386,560 | ---- | M] (Microsoft Corporation) MD5=6BC5FCEF351E4CB5A269C1E84B5A06DA -- C:\Windows\SysWOW64\netcfgx.dll
[2008/01/20 21:47:35 | 000,386,560 | ---- | M] (Microsoft Corporation) MD5=6BC5FCEF351E4CB5A269C1E84B5A06DA -- C:\Windows\winsxs\x86_microsoft-windows-ndis-tdi-bindingengine_31bf3856ad364e35_6.0.6001.18000_none_3e14e7642587c68e\netcfgx.dll
[2008/01/20 21:49:49 | 000,503,808 | ---- | M] (Microsoft Corporation) MD5=C1AE82B8F60ADB630C00DCE48E571CDD -- C:\Windows\SysNative\netcfgx.dll
[2008/01/20 21:49:49 | 000,503,808 | ---- | M] (Microsoft Corporation) MD5=C1AE82B8F60ADB630C00DCE48E571CDD -- C:\Windows\winsxs\amd64_microsoft-windows-ndis-tdi-bindingengine_31bf3856ad364e35_6.0.6001.18000_none_9a3382e7dde537c4\netcfgx.dll

< MD5 for: NETMAN.DLL >
[2008/01/20 21:47:16 | 000,348,160 | ---- | M] (Microsoft Corporation) MD5=9B63B29DEFC0F3115A559D2597BF5D75 -- C:\Windows\ERDNT\cache64\netman.dll
[2008/01/20 21:47:16 | 000,348,160 | ---- | M] (Microsoft Corporation) MD5=9B63B29DEFC0F3115A559D2597BF5D75 -- C:\Windows\SysNative\netman.dll
[2008/01/20 21:47:16 | 000,348,160 | ---- | M] (Microsoft Corporation) MD5=9B63B29DEFC0F3115A559D2597BF5D75 -- C:\Windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_6bdbb71a0a2d4469\netman.dll

< MD5 for: NETSHELL.DLL >
[2008/01/20 21:49:34 | 003,341,312 | ---- | M] (Microsoft Corporation) MD5=1DA9A97633442FF5349B742FDCFD3E2C -- C:\Windows\winsxs\amd64_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_31a20656c6683a63\netshell.dll
[2008/01/20 21:47:20 | 003,173,376 | ---- | M] (Microsoft Corporation) MD5=5AA18E7840E880E10789DE414BF3131A -- C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\netshell.dll
[2009/04/11 02:11:16 | 003,341,312 | ---- | M] (Microsoft Corporation) MD5=AA6FAA30D3D0D4424DBA3D74D1CA1E14 -- C:\Windows\SysNative\netshell.dll
[2009/04/11 02:11:16 | 003,341,312 | ---- | M] (Microsoft Corporation) MD5=AA6FAA30D3D0D4424DBA3D74D1CA1E14 -- C:\Windows\winsxs\amd64_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_338d7f62c38a05af\netshell.dll
[2009/04/11 01:28:23 | 003,174,400 | ---- | M] (Microsoft Corporation) MD5=E98E402067978DB38282158F9E8609CA -- C:\Windows\SysWOW64\netshell.dll
[2009/04/11 01:28:23 | 003,174,400 | ---- | M] (Microsoft Corporation) MD5=E98E402067978DB38282158F9E8609CA -- C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_d76ee3df0b2c9479\netshell.dll

< End of report >
  • 0

#105
tedins

tedins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts
OTL Extras logfile created on: 10/11/2011 08:22:53 PM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Tim\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 47.59% Memory free
8.13 Gb Paging File | 5.69 Gb Available in Paging File | 69.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 108.18 Gb Total Space | 16.74 Gb Free Space | 15.47% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 406.35 Gb Free Space | 87.25% Space Free | Partition Type: NTFS
Drive H: | 250.61 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: TIM-PC | User Name: Tim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWOW64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\SysWOW64\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\SysWOW64\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\SysWOW64\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01 [binary data]
"VistaSp2" = C3 41 B2 C9 A2 68 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A6542EA-C236-46A2-BDC0-DAF9D41C507E}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{19FAA935-9B3D-44BC-B2D8-010F3CE55F84}" = rport=138 | protocol=17 | dir=out | app=system |
"{1AAAE430-7C02-4747-87F3-24A144983237}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{2013899E-9EB9-4078-AD33-EDE859C19ED3}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{21ED4E7F-E2DB-4C56-8934-74222F9105E3}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{27F87E52-1BFF-4CDA-A5C7-5268232CE1E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33CB7420-A6ED-4337-B6FA-81A6474B73DB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3DA9E6E7-42A2-4247-952D-DEC80F39005F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4895CB14-2DFD-4D28-9AE3-5B8E817C3DA8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4B80D2F7-CC2D-4A27-81A1-BFFB0E8FCF58}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4FE82F70-E87C-41E5-8757-0B695F825525}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{51B8C9C6-AD20-4103-833D-8AC4F2685783}" = lport=137 | protocol=17 | dir=in | app=system |
"{59343717-8741-45CC-AEB2-AB43E16AC6A6}" = lport=138 | protocol=17 | dir=in | app=system |
"{5AAB6D1A-17AD-4C68-BB88-F6062BAE5D27}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{5CBA5DB4-AC28-4489-9EB1-FC70EC14A2C6}" = rport=445 | protocol=6 | dir=out | app=system |
"{65EEC2C2-6C5F-4A20-B85D-39E96B232E5A}" = lport=139 | protocol=6 | dir=in | app=system |
"{6674AB1D-9FCC-4E32-99B4-0D113F5AF375}" = rport=137 | protocol=17 | dir=out | app=system |
"{67A3DA8F-342F-46C9-8008-D63562982709}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{712484A1-02FB-44AC-9FE9-D69FBDC3C854}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{738F1E7C-BAE7-48B1-8AF1-4F9843483B6F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{827A68D8-BBB1-4AC0-9254-7CD2189EF2F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{84C945AF-A307-4447-8CCB-56F8A1C58A5D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8D7535CA-243C-4471-B769-75EB3173FEF9}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{A1411F3D-26DE-4B87-9B8B-AF329DFB91B3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B100EF37-506A-4BE1-BAF7-6B15BB9F0ACC}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B3CEB5F1-71CE-49B4-A245-AFBB5FFCB807}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{B57B5DC5-5419-453B-87E0-3AD37A83A453}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B8F41A1B-E067-4ED7-A3E0-90EEA6FA11EA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B9479E84-7250-41BF-97EB-0A4C700A83B0}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{C22705DB-1721-4DF1-85AE-19BD5E5C6495}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C6995374-86A3-4EBD-8262-45D8AB49E7C3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C77D5BCE-3DDF-4D4C-BFD8-C5B0B355628F}" = lport=445 | protocol=6 | dir=in | app=system |
"{C7E105C6-D68D-47EB-B39A-86BD7C4823B2}" = rport=139 | protocol=6 | dir=out | app=system |
"{CEBBC3FB-FF02-4FBA-BF91-F897909E0B63}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D3C1A44F-57C3-4B6B-9DB0-319F5CE73513}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE9D67D7-444E-47C1-B0AE-9E693380BF15}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DF3F8F05-D5B4-47E5-8F35-AE51C4C5C24A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0A60A8E-CF2C-42CA-8826-20282B30FF20}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F069370D-9FD1-4EFE-88A7-8E85CAD51D70}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{F4B63978-0F1F-4936-BCEC-C151A4B34322}" = lport=3389 | protocol=6 | dir=in | app=system |
"{FA084C43-8E8D-45BE-A744-A6F9AC2DE372}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02522027-B1FC-4296-9FDF-BF992F98E2FC}" = protocol=6 | dir=in | app=c:\users\tim\appdata\local\temp\7zs4818.tmp\symnrt.exe |
"{065BE00A-DE4A-42D7-B855-F641E077E5FC}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{0853D5C6-7604-45D8-B4A9-A2928C2F8BBC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0F059C2C-84C0-4587-B51C-2AF7FC49865A}" = protocol=1 | dir=out | [email protected],-28544 |
"{0F1FCC04-9C64-4693-886D-A9FEFDFFFDCC}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark s300-s400 series\lxeafax.exe |
"{1376730D-A7D6-43B4-A8BF-1D2F1B2ED740}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{1E713576-061B-4249-852E-3E4BB7AFD130}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio media plus\vmp.exe |
"{1EF61D39-C314-44DF-B44D-48F0FD76278E}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{24094273-82F1-4E16-9FAD-9073C4002CE3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{240D33CA-2671-453A-A114-DFAB4305E744}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{24B020C1-D512-4E8E-B8E2-AC61923FE95E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2698D81E-1A30-4FF8-B2EB-68D72A078CF5}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{26AEBA0D-FBA9-4D1A-A241-1A2557A66258}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{2A066B28-5A06-468F-A684-16F1C06EBA16}" = protocol=58 | dir=out | [email protected],-28546 |
"{359B9F86-286B-4A26-952F-1D47E01DC292}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3ABABC4E-8773-4EA3-8F2E-59668723628F}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{3D195EBB-8BEC-4ADD-818E-FE2617CDCBEC}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{3ED91C01-19BB-43FE-B51E-750EC0265650}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{499E857D-558D-46D0-8079-A97F74C3D818}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{4B743AB1-45EA-4005-8428-DB41D7A1012A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C313AAF-BC55-46EC-9D27-1ABF0A49A511}" = protocol=17 | dir=in | app=c:\windows\system32\dlbkcoms.exe |
"{505C5579-389F-4E8A-9D79-96D78003AD0F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{517165F8-752C-4BD6-B267-68DEC92E083B}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{51F3F04D-AF88-4947-B4AC-CA98EF5F4069}" = dir=in | app=c:\windows\system32\lxeacoms.exe |
"{526B45B2-591C-4410-AC18-C5C8DC3BB608}" = protocol=17 | dir=in | app=c:\users\tim\appdata\local\temp\7zs4818.tmp\symnrt.exe |
"{52EEC3BE-9436-4A71-A80C-27526E9EFE03}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5326E781-EBFB-434C-BFC0-19A9D1DB9E91}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohcimp.exe |
"{5ABA11CA-C448-4F17-9109-A91E9EA812C5}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe |
"{5CF60E97-5C81-415C-BC60-E1D6C1F54318}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E5604B5-27A9-4C96-89FB-28E904096647}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5E7681E9-9CC8-4817-B344-85586E29DCA8}" = protocol=6 | dir=in | app=d:\frostwire\frostwire.exe |
"{60675F3E-FDBF-4002-BA08-00BEA1A6FC61}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark s300-s400 series\lxeafax.exe |
"{60DB9D01-D0AC-4840-BD5D-8971EC69606E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63FC98E7-B156-486E-A5FC-EA0FB9C06C3C}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{65F04825-DFDF-4C76-9B1E-8F040CEE3BE8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6B1F72D5-4640-48ED-A674-0C33DABDF78B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{7061BF36-F96A-4E0D-BBA2-86612CA55C07}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio media plus\vmp.exe |
"{71DF8BD8-52C2-4518-9DDC-0BA81BFE0DC7}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{76BABC28-43F7-413A-929B-848D6EF94D8A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7B4184A1-D6CA-445A-AC01-73083E789183}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7D4DE55D-80CB-4A9C-8320-BC819C5165B6}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{7F56BD7D-F9CF-40A9-93ED-E54895E9C879}" = protocol=1 | dir=in | [email protected],-28543 |
"{858F155E-1AB6-463A-A321-43DC85E712CF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{863D3E98-581C-4C1E-8C13-56B4CF690371}" = protocol=58 | dir=in | [email protected],-28545 |
"{86E6450D-A996-4930-B4CD-37AB3F0D65CF}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{8A82E588-7FD5-43DB-82BC-F62EF2CE4A3D}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohdms.exe |
"{8B76DF73-8ED5-426D-AFA5-E0DAB70E5161}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{8B7CF56C-D90A-4465-B70D-9561E05A3283}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohdms.exe |
"{8DCBE253-F94A-426E-BC58-E4208CC2D2DE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe |
"{94417C53-0D84-46E0-8520-DC3832F77487}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{949E560D-4CA0-481E-AEBF-21D911820B3F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{9602395C-0D7D-4359-B2E4-D03E4A5063B6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{98F7A6FF-B69F-4D32-A422-6E95266E8320}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9BE3AD68-54BE-4281-93CD-B2E594E12935}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{AAF4B738-1058-4E90-AC23-DD004F7CC5D5}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{AF43A0B0-3D06-455C-B806-F620DBB09DF6}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{B68CCA07-2F72-4A96-8E4E-9F4CD2206EC0}" = dir=in | app=d:\joans itunes\itunes.exe |
"{C8B392AC-F2A9-4285-A73E-354E6899B89A}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohds.exe |
"{CA959F5B-D8D7-43B9-B887-5B5942EB3022}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CE8EF11E-5883-4AFC-8234-414E10D67F22}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8F49A58-3E36-46BE-86B7-94A2DF0C3983}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohcimp.exe |
"{DDCA7DAF-ED20-4ABE-86CA-E2245C93877E}" = protocol=17 | dir=in | app=d:\frostwire\frostwire.exe |
"{E14E5D7A-9971-4876-80F0-70FAF00C1C92}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E1C6235C-26CC-496F-BAC1-57122295861A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E1FE5CE1-CE83-44F4-A09D-A4E3E04494BC}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\vaio media plus\sohds.exe |
"{E3042E8E-6AC6-4550-9730-950F3CDCFDCC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{E47ABE61-9AC7-456E-85C7-E14FFB64EC7D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E9984B18-D2CA-472C-821C-86190D6D3B65}" = protocol=6 | dir=in | app=c:\windows\system32\dlbkcoms.exe |
"{EF62CE2A-E214-4DAE-9620-37AC7FC71A8C}" = protocol=6 | dir=out | app=system |
"{FE0412C3-C0AA-4414-8B70-4439E23675B6}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"TCP Query User{1705D028-CDEA-4558-9454-407BD859BF98}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{2959C062-9B07-44FB-9C8E-9F38B7F4CEB4}C:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe |
"TCP Query User{33E528A4-146C-4E9B-ABA7-79B965F0FD28}C:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe |
"TCP Query User{3E34D1C6-EF0E-40C0-BCF7-765ABAE78C28}C:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe |
"TCP Query User{4BD166A6-D57E-4B2F-A206-B037C91ECC95}C:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe |
"TCP Query User{54422DEF-8A29-44ED-B203-73B305F7BC52}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{565F9A4A-5925-47D3-ADCA-0E15D5329781}C:\windows\syswow64\msiexec.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"TCP Query User{615711F8-464F-478B-89A6-2C5389C8B462}C:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe |
"TCP Query User{729AFA2C-9B96-4E52-AF34-946B83787BBA}C:\program files (x86)\look@lan\lookatlan.exe" = protocol=6 | dir=in | app=c:\program files (x86)\look@lan\lookatlan.exe |
"TCP Query User{79947826-42AB-4D55-8038-37379B611795}C:\program files (x86)\macromedia\dreamweaver mx 2004\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\macromedia\dreamweaver mx 2004\dreamweaver.exe |
"TCP Query User{84009FC0-5C6E-4327-829E-AC99E1CC1BD5}C:\program files (x86)\ws_ftp pro\wsftppro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ws_ftp pro\wsftppro.exe |
"TCP Query User{96F0A75E-6943-4FDA-8744-F2A9A4D039D1}C:\users\tim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\tim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"TCP Query User{A072C793-2986-4F3C-B916-AA65BF802BC6}C:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe |
"TCP Query User{A13F71F2-2EE1-4776-B1A4-CA47BC3173C5}C:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe |
"TCP Query User{B5299967-5E93-4676-9345-4BE9EFB19B5B}C:\program files (x86)\look@lan\lookathost.exe" = protocol=6 | dir=in | app=c:\program files (x86)\look@lan\lookathost.exe |
"TCP Query User{CC281841-D5A2-4C4D-A8BF-8E5BD2628FBF}C:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe" = protocol=6 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe |
"TCP Query User{F2B2B188-0D0A-468C-A28F-F3611E44A759}C:\program files (x86)\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"TCP Query User{F2E46F14-3FE8-4EA4-A315-94BB6DF18C84}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{F3CB22C6-A82F-4991-9B80-23FF6301431D}C:\windows\syswow64\msiexec.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"UDP Query User{153C3630-6ED5-48FC-B39C-D90A31324ABA}C:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe |
"UDP Query User{166CEBCC-8B8C-40F1-8C2A-81541C49B465}C:\windows\syswow64\msiexec.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"UDP Query User{1C232EA2-AEE4-410F-A9D8-7E4E9CF55B35}C:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe |
"UDP Query User{1DC7AD79-D164-435F-8DAF-AD6421D29DB1}C:\program files (x86)\look@lan\lookathost.exe" = protocol=17 | dir=in | app=c:\program files (x86)\look@lan\lookathost.exe |
"UDP Query User{3C2A4F0B-E1D3-4096-BDE4-FB85A8EE538C}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
"UDP Query User{3F09B335-C9B4-4BED-9593-8512B96AC2F9}C:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe |
"UDP Query User{4D912F0D-8FD6-4204-8396-6B82D8C9994C}C:\program files (x86)\macromedia\dreamweaver mx 2004\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\macromedia\dreamweaver mx 2004\dreamweaver.exe |
"UDP Query User{63936F24-3200-422F-B6D0-FACC985C7CA7}C:\program files (x86)\ws_ftp pro\wsftppro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ws_ftp pro\wsftppro.exe |
"UDP Query User{7635DAB8-BDAB-43AB-89FC-40E467AE152D}C:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe |
"UDP Query User{7CCA57AD-9987-4F81-8A39-E86EC52019B6}C:\program files (x86)\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"UDP Query User{88F14496-D947-4814-9A08-25059705AE30}C:\windows\syswow64\msiexec.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"UDP Query User{915C4D00-2B08-46BA-AF10-6D224C8309AD}C:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\filemaker pro.exe |
"UDP Query User{B820F5D5-3D78-4B73-8907-61C98499C46B}C:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 11\filemaker pro.exe |
"UDP Query User{BA051897-7571-4DA3-9057-F6661A4A2143}C:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\xdbc support\bin\ddfmsoc.exe |
"UDP Query User{C3569C86-72C6-4B4E-841B-CB1284FCBB04}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{C50848C0-3FF1-4319-BF11-90254BA5C082}C:\program files (x86)\look@lan\lookatlan.exe" = protocol=17 | dir=in | app=c:\program files (x86)\look@lan\lookatlan.exe |
"UDP Query User{C67AE0D8-1C33-4DF7-9E78-492B1C19C7EA}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{CD1F634B-223F-42EE-8378-CCD3234FA223}C:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe" = protocol=17 | dir=in | app=c:\program files (x86)\filemaker\filemaker pro 10\extensions\web support\fm web publishing.exe |
"UDP Query User{FC16D2FC-21D4-4895-9135-07A80A4C940E}C:\users\tim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\tim\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{151CB4B7-FC63-4C72-8A21-5E87EB419DBB}" = Protector Suite QL 5.6
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel® PROSet/Wireless WiFi Software
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}" = Regi
"{704ABF63-B0B1-446B-9D92-C5D06AFCE7B6}" = PlayReady PC runtime
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center
"{E464702F-5433-46EC-8F65-159276C0A54F}" = WIDCOMM Bluetooth Software 6.2.0.4500
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"Garritan Instruments for Finale 2009_is1" = Garritan Instruments for Finale 2009
"Lexmark S300-S400 Series" = Lexmark S300-S400 Series
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}" = HiJackThis
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15210C5B-9E04-4BF7-B019-AE958F238333}" = Roxio Easy VHS to DVD
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE and Welcome Center
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java™ 6 Update 27
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2B27EB8B-3AA6-438F-BCB0-719CE2C52E32}" = VAIO Content Metadata XML Interface Library
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{359FCAA7-B544-4147-AE3B-8C8A526E2427}" = Sony Image Data Suite
"{363611D9-1106-41F2-B74E-BD8481C41219}" = Click to Disc
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{4314FCA1-7D0D-45E7-B115-C142466BC60A}" = VAIO Content Metadata Manager Setting
"{44B23220-E68E-4FBC-B02C-1A89AC0C8C5F}" = Roxio CinePlayer Decoder Pack
"{472080B7-D6E7-49E8-9383-FF136B8A8C34}" = JMicron JMB368 ExpressCard CF Adapter
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DC49A9A-6DD0-40D2-A851-527764DA8379}" = Adobe Setup
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5F5867F0-2D23-4338-A206-01A76C823924}" = VAIO Power Management
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}" = VAIO Content Metadata Intelligent Analyzing Manager
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EE2B-62BF-4DEB-B4AA-91456D245F47}" = Sibelius Scorch (Firefox, Opera, Netscape only)
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{73E81E9B-7319-43AD-B7CC-1C61405E5089}" = Adobe After Effects CS3 Template Projects & Footage
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects
"{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB
"{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8ECB8220-F419-4BEB-9596-97033C533702}" = QuickBooks Simple Start 2008
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_SMALLBUSINESSR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A552C4EA-D41E-4C61-A0FB-C0E05440F7D7}" = VAIO Entertainment Platform
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_946" = Adobe Acrobat 9.4.6 - CPSID_83708
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B513C7B0-024A-498F-B0F5-00C67E2440A9}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus
"{BCED773C-99EE-48DD-8915-25733F69F0A8}" = VAIO Wireless Wizard
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C0990649-FEC2-423A-8F37-A8952404E6CD}" = Roxio Easy VHS to DVD
"{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB8A8696-93EC-414E-A752-850AB133F68A}" = VAIO Content Metadata XML Interface Library
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer Media Center
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D47FE987-EA3D-424B-9886-B752501D7CE7}" = VAIO Help and Support
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF0415CC-0563-407F-B560-9B7F277122C5}" = VAIO BD Menu Data
"{DFD0E9A9-F24A-492B-8975-8C938E32408F}" = VAIO Startup Assistant
"{E09A5851-B293-465E-A9FE-DFC11E0F4586}" = VAIO Content Metadata Intelligent Analyzing Manager
"{E1D25278-B51A-4163-BC3D-20A4D2D09F98}" = VAIO My Memory Center
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EACCC991-8E8C-4397-8854-349506741FC9}" = FileMaker Pro 11
"{EACCC991-8E8C-4397-8854-349506741FC9}_FileMaker" = FileMaker Pro 11
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE59BBF9-415C-45DB-8C4B-EE43CF635FEA}" = VAIO Content Metadata XML Interface Library
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{FAE74C2C-298A-41BA-8BDB-F5A005F93278}" = Roxio Express Labeler
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD72E69E-CF34-4071-BFD6-FD081A365E2C}" = VAIO Content Metadata Intelligent Analyzing Manager
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FE697886-F392-4E0D-A0C0-47587BF60992}" = VAIO Content Metadata Manager Setting
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_915239ded2552e78978d0dbab7657a5" = Add or Remove Adobe Creative Suite 3 Master Collection
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"AVerMedia H826 series driver" = AVerMedia H826 series driver 1.0.64.88
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ESET Online Scanner" = ESET Online Scanner v3
"Finale 2009" = Finale 2009
"Google Updater" = Google Updater
"HP-LaserJet 1020 series" = LaserJet 1020 series
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}" = OpenMG Secure Module 5.1.00
"InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer Media Center
"iPod to Computer Transfer" = iPod to Computer Transfer 4.8.2
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Magic DVD Copier_is1" = Magic DVD Copier Version 5.0.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"Opera 11.51.1087" = Opera 11.51
"PROPLUS" = Microsoft Office Professional Plus 2007
"SeaMonkey (1.1.16)" = SeaMonkey (1.1.16)
"SeaMonkey (2.0.6)" = SeaMonkey (2.0.6)
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"SoundTap" = SoundTap Streaming Audio Recorder
"Switch" = Switch Sound File Converter
"WavePad" = WavePad Sound Editor
"WS_FTP Pro" = Ipswitch WS_FTP Pro
"Yahoo! Messenger" = Yahoo! Messenger

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/11/2011 08:22:24 PM | Computer Name = Tim-PC | Source = SQLBrowser | ID = 5111819
Description = The SQLBrowser service encountered a critical failure.

Error - 10/11/2011 08:22:24 PM | Computer Name = Tim-PC | Source = SQLBrowser | ID = 5111818
Description = The SQLBrowser service was unable to establish SQL instance and connectivity
discovery.

Error - 10/11/2011 08:22:37 PM | Computer Name = Tim-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/11/2011 08:22:43 PM | Computer Name = Tim-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 10/11/2011 08:45:14 PM | Computer Name = Tim-PC | Source = SQLBrowser | ID = 5111819
Description = The SQLBrowser service encountered a critical failure.

Error - 10/11/2011 08:45:14 PM | Computer Name = Tim-PC | Source = SQLBrowser | ID = 5111818
Description = The SQLBrowser service was unable to establish SQL instance and connectivity
discovery.

Error - 10/11/2011 08:45:20 PM | Computer Name = Tim-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/11/2011 08:45:21 PM | Computer Name = Tim-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

[ Media Center Events ]
Error - 1/15/2011 11:17:30 AM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (5220.1129)

Error - 1/16/2011 04:03:30 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (5760.1128)

Error - 1/16/2011 04:03:30 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (5760.1129)

Error - 1/16/2011 04:03:59 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (5760.1128)

Error - 1/16/2011 04:03:59 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (5760.1129)

Error - 6/20/2011 04:28:04 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (1488.1128)

Error - 6/20/2011 04:28:04 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (1488.1129)

Error - 6/20/2011 04:28:33 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (1488.1128)

Error - 6/20/2011 04:28:33 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (1488.1129)

Error - 9/24/2011 09:57:11 PM | Computer Name = Tim-PC.CAMPUS.LOCAL | Source = MCUpdate | ID = 0
Description = Failed to retrieve Directory (Error: The operation has timed out)
(7260.1114)

[ System Events ]
Error - 10/11/2011 08:21:40 PM | Computer Name = Tim-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\DMICall.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 10/11/2011 08:22:38 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 10/11/2011 08:22:38 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 10/11/2011 08:22:38 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/11/2011 08:22:38 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 10/11/2011 08:44:41 PM | Computer Name = Tim-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\DMICall.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 10/11/2011 08:45:20 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 10/11/2011 08:45:20 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 10/11/2011 08:45:20 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 10/11/2011 08:45:20 PM | Computer Name = Tim-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP