here you are sir.
CKScanner - Additional Security Risks - These are not necessarily bad
c:\users\storm\desktop\cs4master\adobe cs4\crack\7z457-x64.msi
c:\users\storm\desktop\cs4master\adobe cs4\crack\7z460.exe
c:\users\storm\desktop\cs4master\adobe cs4\crack\install.txt
hosts 127.0.0.1 activate.adobe.com
scanner sequence 3.CA.11.XFNADG
----- EOF -----
OTL logfile created on: 5/3/2012 9:27:42 AM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\storm\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.12 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 61.03% Memory free
6.46 Gb Paging File | 5.08 Gb Available in Paging File | 78.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 454.63 Gb Total Space | 270.93 Gb Free Space | 59.59% Space Free | Partition Type: NTFS
Drive D: | 11.13 Gb Total Space | 9.41 Gb Free Space | 84.56% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 232.40 Gb Free Space | 49.90% Space Free | Partition Type: NTFS
Computer Name: STORM-ART | User Name: storm | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/05/03 09:24:01 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\storm\Desktop\OTL.exe
PRC - [2012/04/26 15:40:40 | 003,497,368 | ---- | M] (PC Drivers Headquarters) -- C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe
PRC - [2012/03/16 21:06:42 | 004,608,656 | R--- | M] (Carbonite, Inc. (
www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2012/03/16 21:06:42 | 001,059,984 | R--- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2012/02/29 17:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2011/08/30 13:24:59 | 000,624,056 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\5.2.1.3\ccsvchst.exe
PRC - [2011/03/09 02:49:43 | 000,422,912 | ---- | M] () -- C:\UPS\WSTD\WSTDMessaging.exe
PRC - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) -- c:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010/01/21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009/12/05 11:37:28 | 003,121,760 | ---- | M] (SammSoft (
www.sammsoft.com)) -- C:\Program Files\MemTurbo 4\MemTurbo.exe
PRC - [2009/12/01 21:36:12 | 000,024,576 | ---- | M] () -- C:\UPS\WSTD\UPSNA1Msgr.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/25 16:29:37 | 000,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2008/12/04 12:51:02 | 001,839,104 | ---- | M] () -- C:\Program Files\Fawkes Engineering\AccuRIP\RipCore.exe
PRC - [2008/07/21 18:16:06 | 000,169,312 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
PRC - [2008/07/21 18:15:14 | 000,193,888 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Maxtor\Sync\SyncServices.exe
========== Modules (No Company Name) ========== MOD - [2012/05/01 21:34:25 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\XPBurnComponent\02eff0fb39113e53d560fca51973ab0d\XPBurnComponent.ni.dll
MOD - [2012/05/01 21:34:24 | 000,150,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\37006c18e3eb63bbc3798edddd1efe89\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ni.dll
MOD - [2012/05/01 21:34:23 | 000,304,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\6aa7990207abae6476976d1790a9f9e5\Microsoft.Practices.ObjectBuilder.ni.dll
MOD - [2012/05/01 21:34:22 | 000,309,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\627c54ced0a4c17a6106907aac651703\Microsoft.Practices.EnterpriseLibrary.Common.ni.dll
MOD - [2012/05/01 21:34:22 | 000,235,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\86537360d44333217d4e15004200fd6d\Microsoft.ApplicationBlocks.Updater.ni.dll
MOD - [2012/05/01 21:34:21 | 001,765,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\RuleEngine\25596366e26826175159601cec69fe77\RuleEngine.ni.dll
MOD - [2012/05/01 21:34:19 | 000,357,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Win32.Tas#\50beeb516077774681d5db132b1c00db\Microsoft.Win32.TaskScheduler.ni.dll
MOD - [2012/05/01 21:34:18 | 000,740,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Agent.Communication\1455095ff5fc35a7d8c0696fd89224ca\Agent.Communication.ni.dll
MOD - [2012/05/01 21:34:17 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.WUApiLib\b9835b2235b6e1d78b95a5f586afc76c\Interop.WUApiLib.ni.dll
MOD - [2012/05/01 21:34:15 | 000,060,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ExceptionLogging\7580701e7fd705729094da876ccb94fd\ExceptionLogging.ni.dll
MOD - [2012/05/01 21:34:14 | 002,173,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Common\12e92dae4e3816b8612fa3f6e7757992\Common.ni.dll
MOD - [2012/05/01 21:34:10 | 000,745,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Agent.Common\d0b84938122e7b15b1405d4aa621d36d\Agent.Common.ni.dll
MOD - [2012/05/01 21:34:09 | 007,542,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Agent\f286152f5e1825c8b18a44ee5b82dac1\Agent.ni.exe
MOD - [2012/04/26 15:40:44 | 000,634,792 | ---- | M] () -- C:\Program Files\Driver Manager\Driver Manager\ThemePack.DriverManager.dll
MOD - [2012/04/26 15:37:10 | 000,309,184 | ---- | M] () -- C:\Program Files\Driver Manager\Driver Manager\Agent.Communication.XmlSerializers.dll
MOD - [2012/04/12 03:10:22 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\48302596a8c8f2ab396b3be518dbd800\System.Web.ni.dll
MOD - [2012/04/12 03:03:36 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09b9cd1c630210237b5b46d9943e1946\System.Windows.Forms.ni.dll
MOD - [2012/04/12 03:03:22 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\61759b9905aed9a87347d04b5fad046b\System.Drawing.ni.dll
MOD - [2012/02/16 04:40:12 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll
MOD - [2012/02/16 04:38:20 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1a5853155c4e5ab3f91cd37da331e89b\System.Web.Services.ni.dll
MOD - [2012/02/16 04:38:19 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c3bfd69e0c268baff0d169e11a6a784\System.Runtime.Remoting.ni.dll
MOD - [2012/02/16 04:38:17 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\a333ad288c1a4bbbba8f61249202bc1a\System.EnterpriseServices.ni.dll
MOD - [2012/02/16 04:38:16 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\0ef893bbf33d38a1f7a63b9cee2dabfe\System.Transactions.ni.dll
MOD - [2012/02/16 04:37:46 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll
MOD - [2012/02/16 04:35:17 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll
MOD - [2012/02/16 04:34:36 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\029217106fa24787ff7a61b754f8ebf7\System.Data.ni.dll
MOD - [2012/02/16 04:33:46 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011/10/14 03:32:05 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/03/09 02:49:43 | 000,422,912 | ---- | M] () -- C:\UPS\WSTD\WSTDMessaging.exe
MOD - [2009/12/01 21:37:08 | 000,053,248 | ---- | M] () -- C:\UPS\WSTD\POLICYMGR\UPS.Components.PolicyHolder.dll
MOD - [2009/12/01 21:37:06 | 000,024,576 | ---- | M] () -- C:\UPS\WSTD\POLICYMGR\Microsoft.ApplicationBlocks.Data.dll
MOD - [2009/12/01 21:36:12 | 000,045,056 | ---- | M] () -- C:\UPS\WSTD\POLICYMGR\UPS.Components.NA1MessengerServer.dll
MOD - [2009/12/01 21:36:12 | 000,024,576 | ---- | M] () -- C:\UPS\WSTD\UPSNA1Msgr.exe
MOD - [2009/12/01 19:34:16 | 000,018,944 | ---- | M] () -- C:\UPS\WSTD\UPSResourceManager.dll
MOD - [2009/03/29 22:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/29 22:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
========== Win32 Services (SafeList) ========== SRV - [2012/04/30 12:00:51 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/26 15:15:58 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/16 21:06:42 | 004,608,656 | R--- | M] (Carbonite, Inc. (
www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV - [2012/02/29 17:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe -- (N360)
SRV - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$UPSWSDBSERVER) SQL Server (UPSWSDBSERVER)
SRV - [2010/01/21 01:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010/01/21 01:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2009/01/25 16:29:37 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/12/04 12:51:02 | 001,839,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Fawkes Engineering\AccuRIP\RipCore.exe -- (RipCore)
SRV - [2008/07/21 18:15:14 | 000,193,888 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/20 17:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2012/04/27 18:18:22 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120502.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/04/02 17:38:08 | 000,821,880 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120413.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/02/03 20:42:58 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/02/03 20:42:58 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/11/28 11:55:08 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120502.034\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/11/28 11:55:08 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120502.034\NAVENG.SYS -- (NAVENG)
DRV - [2011/07/18 12:36:47 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/20 19:37:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502010.003\symtdiv.sys -- (SYMTDIv)
DRV - [2011/04/05 17:35:20 | 000,221,784 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SbFw.sys -- (SbFw)
DRV - [2011/04/05 17:35:20 | 000,094,040 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbhips.sys -- (sbhips)
DRV - [2011/04/05 17:35:20 | 000,078,936 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\sbtis.sys -- (SbTis)
DRV - [2011/03/30 21:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\0502010.003\srtsp.sys -- (SRTSP)
DRV - [2011/03/30 21:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502010.003\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/14 20:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0502010.003\symefa.sys -- (SymEFA)
DRV - [2011/02/08 09:14:22 | 000,069,208 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV - [2011/02/08 09:14:22 | 000,069,208 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2011/01/27 00:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\0502010.003\symds.sys -- (SymDS)
DRV - [2010/11/15 19:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502010.003\ironx86.sys -- (SymIRON)
DRV - [2010/06/03 14:53:18 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2010/03/15 23:52:00 | 011,573,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/03/04 18:26:58 | 000,291,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVNET)
DRV - [2010/03/04 18:26:58 | 000,291,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/05/07 11:55:22 | 000,767,488 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/02/12 08:27:34 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS3.sys -- (HSXHWBS3)
DRV - [2008/02/12 08:25:22 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/12/14 15:48:16 | 000,005,120 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rcmirror.sys -- (rcmirror)
DRV - [2007/10/18 08:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/30 06:10:54 | 000,738,304 | ---- | M] (D-Link Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\A3ABv.sys -- (A3AB) D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB)
DRV - [2007/05/03 14:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2007/02/02 18:18:58 | 000,078,648 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
DRV - [2002/04/02 17:30:16 | 000,033,024 | ---- | M] (Colorvision Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cvspydr2.sys -- (cvspydr2)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 06 DB 9F 75 47 FC C9 01 [binary data]
IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\..\SearchScopes,DefaultScope = {9A4AC6DF-0E62-4C49-9737-D0061C2529D1}
IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\..\SearchScopes\{9A4AC6DF-0E62-4C49-9737-D0061C2529D1}: "URL" =
http://www.fastbrowsersearch.com/result ... ts.aspx?q={searchTerms}&c=web&s=DSP&v=18&tid={3D58FCB4-1076-4582-9327-BF3510E9F589}
IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NSS&chn=retail&geo=US&ver=4
IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/02/14 13:08:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_7_5 [2012/05/03 09:12:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/26 15:15:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/03 09:21:08 | 000,000,000 | ---D | M]
[2010/05/26 13:01:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\storm\AppData\Roaming\Mozilla\Extensions
[2009/12/26 14:36:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\storm\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2012/05/03 08:47:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\storm\AppData\Roaming\Mozilla\Firefox\Profiles\xhj5oaco.default\extensions
[2012/03/08 13:33:11 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\storm\AppData\Roaming\Mozilla\Firefox\Profiles\xhj5oaco.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/08/02 11:50:28 | 000,002,468 | ---- | M] () -- C:\Users\storm\AppData\Roaming\Mozilla\Firefox\Profiles\xhj5oaco.default\searchplugins\safesearch.xml
[2011/11/09 19:54:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/26 15:15:58 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/02/14 13:17:23 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/14 13:17:23 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2009/03/24 14:36:20 | 000,000,794 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.2.1.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O4 - HKLM..\Run: [NA1Messenger] C:\UPS\WSTD\UPSNA1Msgr.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-456745801-3816342965-4259963633-1000..\Run: [Driver Manager] C:\Program Files\Driver Manager\Driver Manager\DriverManager.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-456745801-3816342965-4259963633-1007..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\storm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemTurbo.lnk = C:\Program Files\MemTurbo 4\MemTurbo.exe (SammSoft (
www.sammsoft.com))
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: &Search -
http://edits.mywebsearch.com/toolbaredi ... xdm080YYUS File not found
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Lookup on Merriam Webster -
file://C:\Program Files\ieSpell\Merriam Webster.HTM File not found
O8 - Extra context menu item: Lookup on Wikipedia -
file://C:\Program Files\ieSpell\wikipedia.HTM File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-456745801-3816342965-4259963633-1000\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FB840BF-3584-46D5-A03C-B7BD426055DD}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\storm\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\storm\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/10/28 09:02:31 | 000,000,055 | ---- | M] () - F:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{503ba2e5-5de2-11e1-9842-001fe2019543}\Shell - "" = AutoRun
O33 - MountPoints2\{53d705e4-eb26-11dd-acc1-001fe2019543}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe
O33 - MountPoints2\{cf6576e6-921f-11de-b778-001fe2019543}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ========== [2012/05/03 09:23:34 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\storm\Desktop\OTL.exe
[2012/05/03 09:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/05/03 09:21:08 | 000,772,552 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/05/03 09:21:08 | 000,687,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012/05/03 09:21:08 | 000,227,784 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/05/03 09:20:56 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/05/03 09:20:56 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/05/02 15:57:33 | 000,000,000 | ---D | C] -- C:\perflogs
[2012/05/02 15:41:29 | 000,000,000 | ---D | C] -- C:\Users\storm\Documents\Windows7_Vista_jcgriff2
[2012/05/02 15:39:57 | 000,638,784 | ---- | C] (Sysinternals -
www.sysinternals.com) -- C:\Users\storm\Documents\autoruns.exe
[2012/05/01 22:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/05/01 22:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/05/01 22:37:15 | 000,000,000 | ---D | C] -- C:\swsetup
[2012/05/01 22:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/05/01 22:14:05 | 000,758,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
[2012/05/01 21:51:44 | 000,048,760 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\RUNCLOSE.OCX
[2012/05/01 21:45:50 | 001,000,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2012/05/01 21:45:50 | 000,881,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll
[2012/05/01 21:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2012/05/01 21:35:29 | 000,000,000 | ---D | C] -- C:\Users\storm\AppData\Local\PC_Drivers_Headquarters
[2012/05/01 21:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Manager
[2012/05/01 21:33:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Manager
[2012/05/01 21:33:20 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Manager
[2012/05/01 17:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ARO 2012
[2012/05/01 17:42:22 | 000,000,000 | ---D | C] -- C:\Program Files\ARO 2012
[2012/05/01 11:56:19 | 000,000,000 | ---D | C] -- C:\Users\storm\Desktop\Tahoe
[2012/04/30 21:53:17 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/04/30 13:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
[2012/04/30 13:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Carbonite
[2012/04/30 13:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Carbonite
[2012/04/27 15:13:51 | 000,094,040 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\System32\drivers\sbhips.sys
[2012/04/27 15:13:41 | 000,078,936 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\System32\drivers\sbtis.sys
[2012/04/27 15:12:21 | 000,069,208 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\System32\drivers\SbFwIm.sys
[2012/04/27 15:12:20 | 000,221,784 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\System32\drivers\SbFw.sys
[2012/04/27 15:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2012/04/27 15:11:33 | 000,000,000 | ---D | C] -- C:\Users\storm\AppData\Local\adawarebp
[2012/04/26 15:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/26 15:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/04/21 13:36:46 | 000,000,000 | ---D | C] -- C:\Users\storm\AppData\Local\{764190CB-9BF0-4FD2-98EC-5B94027B63E4}
[2012/04/21 13:36:30 | 000,000,000 | ---D | C] -- C:\Users\storm\AppData\Local\{8B91168B-57EE-47C5-AFFD-EA04D1D9D064}
[2012/04/12 12:24:20 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/04/12 03:12:11 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/04/12 03:12:10 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/04/12 03:12:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/04/12 03:12:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/04/12 03:12:08 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/04/12 03:12:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/04/12 03:09:27 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/04/12 03:09:27 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/05/03 09:24:01 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\storm\Desktop\OTL.exe
[2012/05/03 09:19:54 | 000,772,552 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/05/03 09:19:54 | 000,227,784 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/05/03 09:19:54 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/05/03 09:19:54 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/05/03 09:19:53 | 000,687,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012/05/03 09:19:37 | 000,458,240 | ---- | M] () -- C:\Users\storm\Desktop\CKScanner.exe
[2012/05/03 09:14:31 | 000,000,868 | ---- | M] () -- C:\Users\storm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemTurbo.lnk
[2012/05/03 09:13:35 | 000,000,199 | ---- | M] () -- C:\Windows\wstdUPSWSHIP.INI
[2012/05/03 09:12:55 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/05/03 09:12:54 | 000,034,901 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/05/03 09:12:51 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/03 09:11:23 | 000,004,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/03 09:11:22 | 000,004,688 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/03 09:11:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/03 08:57:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/03 08:48:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/02 16:01:55 | 000,152,424 | ---- | M] () -- C:\Users\storm\Documents\PERFMON.zip
[2012/05/02 15:59:20 | 003,119,802 | ---- | M] () -- C:\Users\storm\Documents\PERFMON.html
[2012/05/02 15:56:18 | 001,825,587 | ---- | M] () -- C:\Users\storm\Documents\Windows7_Vista_jcgriff2.zip
[2012/05/02 15:40:41 | 000,055,296 | ---- | M] () -- C:\Users\storm\Documents\BSOD_Windows7_Vista_v2.64_jcgriff2_.exe
[2012/05/02 15:39:01 | 000,638,784 | ---- | M] (Sysinternals -
www.sysinternals.com) -- C:\Users\storm\Documents\autoruns.exe
[2012/05/01 22:15:18 | 002,431,106 | ---- | M] () -- C:\Windows\System32\drivers\N360\0502010.003\Cat.DB
[2012/05/01 21:58:40 | 000,000,228 | ---- | M] () -- C:\Windows\tasks\ARO 2012.job
[2012/05/01 21:33:37 | 000,002,210 | ---- | M] () -- C:\Users\Public\Desktop\Driver Manager.lnk
[2012/05/01 18:10:49 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\Advanced Registry Optimizer.job
[2012/05/01 17:43:27 | 000,001,697 | ---- | M] () -- C:\Users\storm\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk
[2012/05/01 17:43:26 | 000,001,691 | ---- | M] () -- C:\Users\storm\Desktop\Check PC For Errors.lnk
[2012/05/01 13:22:28 | 000,000,605 | -H-- | M] () -- C:\Windows\System32\GelSprinter GX e3300N.CAC
[2012/04/30 13:04:16 | 000,001,981 | ---- | M] () -- C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
[2012/04/30 12:37:00 | 000,001,190 | ---- | M] () -- C:\Windows\System32\ServiceConfig.xml
[2012/04/30 12:00:51 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/04/30 12:00:51 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/04/27 15:24:31 | 000,002,294 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2012/04/16 15:34:33 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\0502010.003\isolate.ini
[2012/04/12 03:06:23 | 000,654,744 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/04/12 03:06:23 | 000,123,498 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/05/03 09:19:35 | 000,458,240 | ---- | C] () -- C:\Users\storm\Desktop\CKScanner.exe
[2012/05/02 16:01:55 | 000,152,424 | ---- | C] () -- C:\Users\storm\Documents\PERFMON.zip
[2012/05/02 16:00:37 | 003,119,802 | ---- | C] () -- C:\Users\storm\Documents\PERFMON.html
[2012/05/02 15:56:12 | 001,825,587 | ---- | C] () -- C:\Users\storm\Documents\Windows7_Vista_jcgriff2.zip
[2012/05/02 15:40:56 | 000,055,296 | ---- | C] () -- C:\Users\storm\Documents\BSOD_Windows7_Vista_v2.64_jcgriff2_.exe
[2012/05/01 22:25:27 | 000,034,901 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012/05/01 22:17:14 | 000,034,901 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2012/05/01 21:33:37 | 000,002,210 | ---- | C] () -- C:\Users\Public\Desktop\Driver Manager.lnk
[2012/05/01 18:31:06 | 000,000,228 | ---- | C] () -- C:\Windows\tasks\ARO 2012.job
[2012/05/01 17:43:26 | 000,001,697 | ---- | C] () -- C:\Users\storm\Application Data\Microsoft\Internet Explorer\Quick Launch\Check PC For Errors.lnk
[2012/05/01 17:43:26 | 000,001,691 | ---- | C] () -- C:\Users\storm\Desktop\Check PC For Errors.lnk
[2012/04/30 13:04:16 | 000,001,981 | ---- | C] () -- C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
[2012/04/30 12:37:00 | 000,001,190 | ---- | C] () -- C:\Windows\System32\ServiceConfig.xml
[2012/04/12 12:24:21 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/05/18 15:43:04 | 000,001,940 | ---- | C] () -- C:\Users\storm\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/12/08 17:24:58 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/07/26 13:21:42 | 000,947,712 | ---- | C] () -- C:\Windows\System32\RCDCD140.DLL
========== LOP Check ========== [2011/01/15 17:37:32 | 000,000,000 | ---D | M] -- C:\Users\storm\AppData\Roaming\BSD
[2011/07/15 11:41:16 | 000,000,000 | ---D | M] -- C:\Users\storm\AppData\Roaming\EurekaLog
[2009/08/13 16:53:43 | 000,000,000 | ---D | M] -- C:\Users\storm\AppData\Roaming\ieSpell
[2009/01/21 20:03:00 | 000,000,000 | ---D | M] -- C:\Users\storm\AppData\Roaming\Leadertech
[2009/01/28 16:27:36 | 000,000,000 | ---D | M] -- C:\Users\storm\AppData\Roaming\PACE Anti-Piracy
[2012/05/01 17:43:42 | 000,000,000 | ---D | M] -- C:\Users\storm\AppData\Roaming\Sammsoft
[2012/05/02 15:27:48 | 000,000,000 | ---D | M] -- C:\Users\storm\AppData\Roaming\Spotify
[2012/04/30 12:50:41 | 000,000,000 | ---D | M] -- C:\Users\storm\AppData\Roaming\ToneFXsCreator
[2008/09/21 18:32:15 | 000,000,000 | ---D | M] -- C:\Users\storm\AppData\Roaming\WinBatch
[2012/05/01 18:10:49 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\Advanced Registry Optimizer.job
[2012/05/01 21:58:40 | 000,000,228 | ---- | M] () -- C:\Windows\Tasks\ARO 2012.job
[2012/05/03 09:06:50 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 956 bytes -> C:\ProgramData\Microsoft:GXygY9qGF2afdv6gRKFMONd
@Alternate Data Stream - 922 bytes -> C:\Program Files\Common Files\microsoft shared:MwczuReD5CvSZQnUkZFHA7nppl
@Alternate Data Stream - 202 bytes -> C:\ProgramData\TEMP:C8A26DAA
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:1CA73D29
@Alternate Data Stream - 1046 bytes -> C:\Program Files\Common Files\microsoft shared:48jEM4f0F8opHurfHE33kRy
@Alternate Data Stream - 1036 bytes -> C:\Users\storm\AppData\Local\Temp:M4WncEGWlVnSQR7T0c2CzTS8
@Alternate Data Stream - 1008 bytes -> C:\ProgramData\Microsoft:3WFGL83kfvMOjAEEZjR31smsV
< End of report >
OTL Extras logfile created on: 5/3/2012 9:27:43 AM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\storm\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.12 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 61.03% Memory free
6.46 Gb Paging File | 5.08 Gb Available in Paging File | 78.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 454.63 Gb Total Space | 270.93 Gb Free Space | 59.59% Space Free | Partition Type: NTFS
Drive D: | 11.13 Gb Total Space | 9.41 Gb Free Space | 84.56% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 232.40 Gb Free Space | 49.90% Space Free | Partition Type: NTFS
Computer Name: STORM-ART | User Name: storm | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-456745801-3816342965-4259963633-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01361FC8-C110-40F7-93FC-8B4B1C39C82B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0632C22C-D579-4BD2-92D4-1C1DFED13B20}" = lport=10243 | protocol=6 | dir=in | app=system |
"{07A0DA02-A5CB-4175-AFBB-6A1CC302EA4F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{1F7918BA-8DE2-4129-92F0-DBCBEF713295}" = lport=50901 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{206308D0-113E-4A29-A101-9960B7E232CD}" = lport=50900 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{22E9BF49-4283-42ED-8246-3903FEAB4842}" = rport=10243 | protocol=6 | dir=out | app=system |
"{27158ED9-B12F-4B8A-B2AA-1DDA87554A7A}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{2F2FD4A6-246B-4256-99AF-963D61193D0E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3E16864B-C3FE-4134-8188-1589961111BB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3FD46E4F-A581-4383-A03C-C986AAA836E3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{46C6967E-1F1E-4C53-B6A7-3BE4426240E4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4E83FA22-8521-44DD-99E3-60E4F8EF45B8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{58D4D41A-CBCD-4A83-B4C3-2528153B054C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5EA3BFC9-6D26-456D-B49B-DE4E1A0E87B5}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{6D8ADCE3-6BD4-4BCB-98B1-B8B397B5163E}" = lport=445 | protocol=6 | dir=in | app=system |
"{6EFB978F-7515-4773-92C8-6383E054FE3C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{714958EA-4635-41EA-866F-AE7E1EE8BB2C}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{7893B269-4A64-4E85-903F-12ADE64D7819}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{83588338-0357-4271-A18C-B9FCA4F92D6B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8384213A-3A4E-4036-9088-FDF3E34FBBC4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{84269CB4-4D34-4ED6-905F-AB607703DE84}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{84AFB708-C565-4AAB-AEB5-DA30162000EC}" = lport=50901 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{8FCBB678-E0E2-4576-B765-AD1D89112950}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{96BC4E20-55F3-4CCB-9D11-B3493F0A7BBD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{98FB2871-321C-416A-9876-642AC4E59C66}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{A19C935F-E470-4FCC-879F-E96AAA296EA2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B71D21FA-A2F3-4C7A-9140-0292A351ADBD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C3F9A3D5-3A56-41ED-8F36-193258E2C349}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9A862BD-EE9F-42B7-BA90-09F46C83FA88}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{CDF6E312-0FE2-4559-926A-4C6E67DA7319}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D29309B9-2711-4CA4-B734-E8F6F5060A57}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe |
"{D6B646D8-659F-404A-AF61-F5419105750C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DC10B2E7-1BF1-4ACE-9FD9-7E811FC89864}" = lport=50900 | protocol=6 | dir=in | name=adobe version cue cs3 server |
"{EBEB07B7-070D-4369-B8C2-2DCD71D307FE}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FBCC89AB-F77A-4941-9ACE-6C1E973A7C6F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{018E2740-1905-4E2C-81CA-F5226CF34288}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{01D2AEE3-A98C-4DE3-952C-11DA5826A017}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{031C906C-EE96-4761-8932-F6B88D213204}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{04E9BDF1-FDF4-47B3-BF75-D3F3CF43FFD3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{05F48289-4DA5-4BF0-A1D5-A80C90E21697}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0FC45198-5E2B-4532-9E32-16F6F1C9AA0C}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{1A791310-21BA-41BD-9018-6267EFFFAC3F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1AB25626-BABF-4053-9F33-758589742D96}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{24324316-3936-4D95-AB1A-4A8D4952464B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{2D437DFB-5F9E-4B91-8114-D302742ACA39}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{33AEEC17-12EF-42CD-A455-394C41FE2C00}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3DA189F2-6B11-4A72-B48C-C7613DC55E9C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{412137DF-F874-4C0B-859D-229A2AF771E3}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{47E5D1E4-F73E-402E-9D39-28C10B16BA62}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{4C1EE12B-ACDF-4B90-A071-2D77856B77B6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{58C31D4B-26D2-4BF9-8120-4E3138343FC9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6303710B-830B-48FE-8C40-D883CEFBC6F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{67931EA9-E785-42CF-918F-608E02163835}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68133D70-F72E-4DF7-BFAC-C042CBECF52F}" = protocol=17 | dir=in | app=c:\program files\tightvnc\tvnserver.exe |
"{71FAD317-5CFE-4F13-B691-3B5224F072EA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77413AC2-931C-43B7-9D1C-04D3B9AF6DB4}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{78759666-8F57-4CAA-B578-099724353B78}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7ABEFC56-0B74-46CF-92B2-EE4EAF9E51F8}" = protocol=6 | dir=out | app=system |
"{85F55126-7061-4F84-AE17-815E03548FC2}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{A062BECC-439B-4861-83F0-6145B6623D8C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9893550-2EC8-494D-A48C-4A9A93149BFC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B3A7D297-9B2F-4DAC-8CD6-BA549C0FBB40}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe |
"{C6760B41-9434-4279-9413-E49C59075638}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{CB56F51A-3ACE-4975-B45D-589008D57D22}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{D273F3F0-CF6A-467D-95A0-80C295BA5E7F}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{D90CF434-F17D-4C58-9F74-E7DD01734064}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D9457D65-F072-43C3-807F-F65A0641A2E1}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{E43FD6EC-B7A8-4A57-B07F-0245A996FB7E}" = protocol=6 | dir=in | app=c:\program files\tightvnc\tvnserver.exe |
"{E6A6161D-02DA-41D7-A281-ABD633214115}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{E71162E0-7AC3-47E4-90B2-450029032E7D}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{F330B8B9-3A41-4C9A-8E29-8653B5801752}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F704829F-8610-4996-B851-A6084F5109E9}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{FA0D70E8-1A8D-46AD-BDD8-6CAB97B7CBE1}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe |
"{FAFC1AC3-AC53-4FE0-9889-76E7A982C6A8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FB5A6374-EF26-400C-B271-141AAA64EEAD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{2728E9FB-AC63-43EC-BEA9-69989D4CFFA4}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe |
"TCP Query User{5207CD1A-5DBE-46B5-949B-E82989E5488C}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{7655F6D7-5831-4012-81E3-C65C23773AC4}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{8CD31DC0-CA14-4455-A90C-442A8F73E398}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4BF95987-B9A3-42FF-BBCB-19F88EB6C074}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{5C36ED82-56FC-417F-9EDD-B699D137AD07}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{8067EB06-BAD0-4E90-90C1-679477E077E0}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe |
"UDP Query User{A252E503-C92F-4211-8CAA-3D7DAF5258DD}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{005C2096-B4F2-4E99-A64D-A867B2E69471}" = InterLok Driver Kit
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{177CD779-4EEC-43C5-8DEA-4E0EC103624B}" = Driver Manager
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BDC1AB0-2677-4593-8F94-329F7CA8F670}" = Adobe Creative Suite 3 Design Premium
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FAF0F08-7120-4192-BF6A-B1EC7E26A935}" = UPSVCMM
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A033A00-FE0D-4609-B0E8-2C49CC494FC8}" = WorldShip
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (UPSWSDBSERVER)
"{2b02f836-a9b9-458c-80e5-3ea8c0de8471}" = QuickBooks Premier: Mfg and Whsle Edition 2004
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{33035862-543C-4405-9CC6-08593CF2C25F}" = ReportServer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{390160B4-D276-4A04-8002-8D3101A0D367}" = UPSICC
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3EAC8-FAD9-4ECC-A339-BBAD8C72DE71}" = UPSDB
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56B59C2A-EFB8-44AC-88F5-3280171E4522}" = PolicyManager
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5AE59A84-B2F3-42CC-A246-5AF80F6EE770}" = Reconciler
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6446BBD0-CB83-40E1-BEA1-0C147065E2A6}" = Maxtor Manager
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AF09E3-1167-4771-903C-CCCDCF7E171C}" = NRF
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A5F34E2-37CF-4AD4-808C-2D413786E31A}" = Microsoft Visual C Runtime
"{8C5BD501-AD5D-4A75-9321-076509B438FC}" = WebHelp
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{952EF359-55CA-4432-AF69-E568526A834B}" = GX e3300N User Guide
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{95749C5B-BC37-41E3-8D39-EEF4C21A2825}" = CCC
"{96327C3C-96BE-4C7A-A6F7-A71635E5949A}" = Microsoft SQL Server 2005 Backward compatibility
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5763105-D1D5-4862-A3FE-EC058F9AA73E}" = ICCHelp
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC728F95-2D3F-4D05-9E1E-F2A3CEBF3FE8}" = FormsComponent
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C23415D8-FE94-4F52-B5C4-0FFA2202C6D9}" = UPSVCMM
"{C30E30A6-0AB5-470A-AB67-D322938F5429}" = SupportUtility
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8BA6802-38DA-43F9-8ACB-73161C277C9A}" = Adobe Setup
"{C9D43B38-34AD-4EC2-B696-46F42D49D174}" = MSIChecker
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CD4D567E-44D7-4CDA-977D-C918D88FA3D9}_is1" = MemTurbo 4
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF2962CB-E3E7-4AA5-B6CE-EE59A600ECBE}" = UnifiedPrinting
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D44E7219-947E-4F1B-830E-66EF11ACC543}" = NA1Messenger
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB2C58E0-6284-4B48-97F2-22A980B6360B}" = System
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E358CC1E-4953-4E27-ADEB-8B27D8BBC20E}" = UPSlinkHTTP
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EA9629DA-5715-48BA-B054-28169702B176}" = FOSS
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"019BA247F4BF373BFF125045DCD742221AF9A191" = Windows Driver Package - Intel System (11/07/2008 7.0.1.1011)
"78E323AD9D89319D83E2FCD94ECFBF167EAA1783" = Windows Driver Package - NVIDIA (nvlddmkm) Display (10/08/2010 8.17.12.6089)
"A0729A9A0C26BBEB6A691F1C0774DB40F1AF4E5B" = Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/06/2010 6.0.1.6151)
"AccuRIP" = AccuRIP 01.01.044 - Fawkes Engineering
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe Acrobat 8 Professional_831" = Adobe Acrobat 8.3.1 - CPSID_83708
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_498b43b77cac072081a5692bfc52804" = Add or Remove Adobe Creative Suite 3 Design Premium
"ARO 2012_is1" = ARO 2012
"Carbonite Backup" = Carbonite
"CNXT_MODEM_PCI_HSF" = PCIe Soft Data Fax Modem with SmartCP
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FILE RECOVERY for WindowsNSIS" = FILE RECOVERY for Windows
"InstallShield_{6446BBD0-CB83-40E1-BEA1-0C147065E2A6}" = Maxtor Manager
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MultiPASS" = Canon FAXPHONE L75
"N360" = Norton Security Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Revo Uninstaller" = Revo Uninstaller 1.88
"sp44626" = sp44626
"UPS" = UPS Hundredweight Service Uninstall
"UPS WorldShip" = UPS WorldShip
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-456745801-3816342965-4259963633-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 5/2/2012 12:17:15 AM | Computer Name = storm-art | Source = Windows Search Service | ID = 3013
Description =
Error - 5/2/2012 12:17:15 AM | Computer Name = storm-art | Source = Windows Search Service | ID = 3013
Description =
Error - 5/2/2012 12:17:15 AM | Computer Name = storm-art | Source = Windows Search Service | ID = 3013
Description =
Error - 5/2/2012 12:17:15 AM | Computer Name = storm-art | Source = Windows Search Service | ID = 3013
Description =
Error - 5/2/2012 12:17:15 AM | Computer Name = storm-art | Source = Windows Search Service | ID = 3013
Description =
Error - 5/2/2012 12:17:15 AM | Computer Name = storm-art | Source = Windows Search Service | ID = 3013
Description =
Error - 5/2/2012 12:18:34 AM | Computer Name = storm-art | Source = VSS | ID = 8194
Description =
Error - 5/2/2012 3:03:06 PM | Computer Name = storm-art | Source = Application Error | ID = 1000
Description = Faulting application InDesign.exe, version 5.0.4.682, time stamp 0x48ca2a28,
faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception
code 0xc0000005, fault offset 0x00039377, process id 0xe54, application start time
0x01cd2895983319e1.
Error - 5/3/2012 10:35:04 AM | Computer Name = storm-art | Source = MsiInstaller | ID = 11310
Description =
Error - 5/3/2012 11:05:36 AM | Computer Name = storm-art | Source = Windows Search Service | ID = 3013
Description =
[ Media Center Events ]
Error - 3/30/2010 3:32:04 PM | Computer Name = storm-art | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 4/7/2010 3:31:09 PM | Computer Name = storm-art | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ OSession Events ]
Error - 2/10/2010 12:14:13 PM | Computer Name = storm-art | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4242
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2/10/2010 12:14:28 PM | Computer Name = storm-art | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2/10/2010 4:03:53 PM | Computer Name = storm-art | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5254
seconds with 60 seconds of active time. This session ended with a crash.
Error - 2/10/2010 4:05:45 PM | Computer Name = storm-art | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 101
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2/11/2010 12:33:56 PM | Computer Name = storm-art | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 374
seconds with 300 seconds of active time. This session ended with a crash.
Error - 2/11/2010 12:34:07 PM | Computer Name = storm-art | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.
Error - 4/27/2010 11:27:50 PM | Computer Name = storm-art | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 32651
seconds with 180 seconds of active time. This session ended with a crash.
Error - 5/13/2010 5:11:28 PM | Computer Name = storm-art | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17186
seconds with 420 seconds of active time. This session ended with a crash.
Error - 5/21/2010 3:40:07 PM | Computer Name = storm-art | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 9/14/2010 1:50:48 PM | Computer Name = storm-art | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 5/2/2012 5:21:25 PM | Computer Name = storm-art | Source = Service Control Manager | ID = 7000
Description =
Error - 5/2/2012 5:21:25 PM | Computer Name = storm-art | Source = Service Control Manager | ID = 7026
Description =
Error - 5/2/2012 5:31:02 PM | Computer Name = storm-art | Source = Service Control Manager | ID = 7000
Description =
Error - 5/2/2012 5:31:02 PM | Computer Name = storm-art | Source = Service Control Manager | ID = 7026
Description =
Error - 5/3/2012 10:42:49 AM | Computer Name = storm-art | Source = Service Control Manager | ID = 7000
Description =
Error - 5/3/2012 10:43:04 AM | Computer Name = storm-art | Source = Service Control Manager | ID = 7026
Description =
Error - 5/3/2012 10:52:34 AM | Computer Name = storm-art | Source = Service Control Manager | ID = 7000
Description =
Error - 5/3/2012 10:52:34 AM | Computer Name = storm-art | Source = Service Control Manager | ID = 7026
Description =
Error - 5/3/2012 11:11:59 AM | Computer Name = storm-art | Source = Service Control Manager | ID = 7000
Description =
Error - 5/3/2012 11:11:59 AM | Computer Name = storm-art | Source = Service Control Manager | ID = 7026
Description =
< End of report >