Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

System Protection Turned Off


  • Please log in to reply

#1
Totally Frustrated

Totally Frustrated

    Member

  • Member
  • PipPip
  • 44 posts
http://www.geekstogo...ff-t264553.html

I have followed the self-help tools and still have some issues. The requested logs follows. NOTE: The GMER log is huge and locks up my browser when I try to paste it here. Any suggestions?

MBAM
Malwarebytes' Anti-Malware 1.26
Database version: 1116
Windows 6.0.6002 Service Pack 2

1/9/2010 8:33:33 PM
mbam-log-2010-01-09 (20-33-33).txt

Scan type: Quick Scan
Objects scanned: 47162
Time elapsed: 3 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\cpbrkpie.coupon6ctrl.1 (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a85a5e6a-de2c-4f4e-99dc-f469df5a0eec} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e780f0b-bcd6-40cb-b2db-7af47ab4d4a4} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a138be8b-f051-4802-9a3f-a750a6d862d4} (Adware.Coupons) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\CouponPrinter.ocx (Adware.Coupons) -> Quarantined and deleted successfully.


OTL
OTL logfile created on: 1/11/2010 7:33:48 PM - Run 1
OTL by OldTimer - Version 3.1.24.0 Folder = C:\Users\Kevin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 454.76 Gb Total Space | 324.86 Gb Free Space | 71.44% Space Free | Partition Type: NTFS
Drive D: | 11.00 Gb Total Space | 4.14 Gb Free Space | 37.61% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 462.58 Gb Free Space | 99.32% Space Free | Partition Type: NTFS
Drive F: | 392.97 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-SIDEKICK
Current User Name: Kevin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/11 19:28:52 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
PRC - [2009/12/28 18:21:52 | 01,758,536 | ---- | M] (Bootstrap Software Development) -- C:\Program Files\Common Files\BSD\AppUpdater\BSDChecker.exe
PRC - [2009/11/04 07:03:33 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/10/28 20:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/11 01:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/12/01 13:38:52 | 01,549,728 | R--- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
PRC - [2008/10/25 07:18:50 | 00,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/07/04 02:35:34 | 00,692,224 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2008/06/30 17:24:17 | 00,091,440 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2008/05/27 08:36:34 | 00,251,184 | R--- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\NASNAVI\nassvc.exe
PRC - [2008/05/27 08:36:20 | 00,206,128 | R--- | M] (BUFFALO INC.) -- C:\Program Files\BUFFALO\NASNAVI\nassche.exe
PRC - [2008/05/17 23:37:43 | 01,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2008/05/02 01:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008/05/02 01:42:18 | 00,059,920 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\LBTWiz.exe
PRC - [2008/05/02 01:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
PRC - [2008/05/02 01:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/01/19 02:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 02:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008/01/19 02:33:37 | 00,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
PRC - [2008/01/19 02:33:15 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2007/10/30 23:35:58 | 04,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/10/09 16:48:02 | 00,307,200 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Gateway\EzTune\dthtml.exe
PRC - [2007/10/09 16:46:04 | 00,065,536 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2007/10/09 16:45:20 | 00,110,592 | ---- | M] (Portrait Displays Inc.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
PRC - [2007/09/13 19:22:04 | 05,252,936 | ---- | M] (SpareBackup, Inc.) -- C:\Program Files\Spare Backup\SpareBackup.exe
PRC - [2007/08/31 10:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/07/17 10:13:56 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2007/07/17 10:13:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2007/05/31 09:21:28 | 00,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe
PRC - [2007/05/11 00:55:50 | 00,053,248 | ---- | M] () -- C:\Program Files\IOI\ButtonMonitor.exe
PRC - [2007/05/03 02:53:38 | 00,103,344 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 5200 Series\ezprint.exe
PRC - [2007/05/03 02:50:24 | 00,230,320 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 5200 Series\lxbtmon.exe
PRC - [2007/05/03 02:48:52 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxbtcoms.exe
PRC - [2007/04/02 09:07:38 | 00,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2007/03/15 00:01:30 | 00,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PRC - [2007/02/09 11:17:30 | 00,694,008 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Software\Floater.exe
PRC - [2007/02/09 11:17:26 | 00,694,008 | ---- | M] () -- C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
PRC - [2006/09/06 15:12:46 | 00,323,216 | ---- | M] (Napster) -- C:\Program Files\Napster\napster.exe
PRC - [2006/08/04 05:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2005/07/22 02:47:22 | 00,151,552 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe


========== Modules (SafeList) ==========

MOD - [2010/01/11 19:28:52 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
MOD - [2009/04/11 01:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/04 07:03:33 | 00,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-093009-130223)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/24 20:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/05 22:48:42 | 00,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/09 11:22:18 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/19 10:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/04/30 20:02:53 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 00,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/07/04 02:35:34 | 00,692,224 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2008/05/27 08:36:34 | 00,251,184 | R--- | M] (BUFFALO INC.) [Auto | Running] -- C:\Program Files\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService)
SRV - [2008/05/17 23:37:43 | 01,251,720 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/05/02 01:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/01/19 02:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/09 16:46:04 | 00,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2007/08/31 10:49:50 | 00,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/29 16:58:47 | 00,181,800 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/08/22 23:35:22 | 03,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/21 10:21:30 | 00,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/05/31 09:21:24 | 00,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 00,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/03 02:48:52 | 00,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbtcoms.exe -- (lxbt_device)
SRV - [2007/04/02 09:07:38 | 00,272,024 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2006/11/02 07:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 17:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/08/04 05:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...h...TP&M=GM5664
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...h...TP&M=GM5664
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...h...TP&M=GM5664

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 B1 85 03 74 90 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0



O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Windows\System32\BAE.dll (Gateway Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [auditadmin] C:\Windows\OPTIONS\auditadmin.cmd ()
O4 - HKLM..\Run: [Bluetooth Connection Assistant] File not found
O4 - HKLM..\Run: [BSDAppUpdater] C:\Program Files\Common Files\BSD\AppUpdater\BSDChecker.exe (Bootstrap Software Development)
O4 - HKLM..\Run: [ButtonMonitor] C:\Program Files\IOI\ButtonMonitor.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DT GWY] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 5200 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [F5D8001] C:\Program Files\Belkin\F5D8001v1\Belkinwcui.exe File not found
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LXBTCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXBTtime.DLL ()
O4 - HKLM..\Run: [lxbtmon.exe] C:\Program Files\Lexmark 5200 Series\lxbtmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe (Napster)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Spare Backup] C:\Program Files\Spare Backup\SpareBackup.exe (SpareBackup, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk = C:\Program Files\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
O4 - Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} http://h20264.www2.h...osticsVista.cab (HPDDClientExec Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\GTW2_Wide.bmp
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\GTW2_Wide.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 04:01:00 | 00,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008/07/09 20:02:58 | 00,000,041 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{4fe04bdb-9c11-11dc-b62d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4fe04bdb-9c11-11dc-b62d-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Lang.exe -- [2008/07/24 08:31:38 | 00,251,184 | R--- | M] (BUFFALO INC.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/05/21 11:25:48 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 14 Days ==========

[2010/01/11 19:28:44 | 00,544,256 | ---- | C] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2010/01/09 20:21:37 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/09 20:20:51 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Kevin\Desktop\erunt_setup.exe
[2010/01/09 19:14:44 | 00,410,624 | ---- | C] (OldTimer Tools) -- C:\Users\Kevin\Desktop\TFC.exe
[2010/01/08 23:00:48 | 00,000,000 | ---D | C] -- C:\Users\Kevin\Documents\NasNavi
[2010/01/08 22:44:05 | 00,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\NASNaviator2
[2010/01/08 22:43:57 | 00,000,000 | ---D | C] -- C:\Program Files\BUFFALO
[2010/01/02 15:23:30 | 00,000,000 | ---D | C] -- C:\ProgramData\BSD
[2010/01/02 15:23:30 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\BSD
[2008/05/18 03:33:39 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbtserv.dll
[2008/05/18 03:33:39 | 00,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbtusb1.dll
[2008/05/18 03:33:39 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbtpmui.dll
[2008/05/18 03:33:39 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbtlmpm.dll
[2008/05/18 03:33:39 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbtinpa.dll
[2008/05/18 03:33:39 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbtiesc.dll
[2008/05/18 03:33:39 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxbthcp.dll
[2008/05/18 03:33:39 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbtprox.dll
[2008/05/18 03:33:39 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbtpplc.dll
[2008/05/18 03:33:38 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbthbn3.dll
[2008/05/18 03:33:38 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbtcomc.dll
[2008/05/18 03:33:38 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbtcomm.dll

========== Files - Modified Within 14 Days ==========

[2010/01/11 19:35:00 | 00,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{855985CC-FDA4-4FBF-A1E6-B0C5D5FEFD78}.job
[2010/01/11 19:34:22 | 02,621,440 | -HS- | M] () -- C:\Users\Kevin\NTUSER.DAT
[2010/01/11 19:28:52 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2010/01/11 19:01:38 | 00,284,915 | ---- | M] () -- C:\Users\Kevin\Desktop\gmer.zip
[2010/01/11 18:38:02 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/11 18:38:02 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/11 18:38:02 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/11 18:35:46 | 00,244,736 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mbb
[2010/01/11 18:35:46 | 00,207,872 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb
[2010/01/11 18:31:34 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/11 18:31:34 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/11 18:31:30 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/11 18:31:28 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/11 18:31:25 | 32,196,44416 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/11 18:30:12 | 00,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/01/11 18:30:07 | 00,524,288 | -HS- | M] () -- C:\Users\Kevin\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/01/11 18:30:07 | 00,065,536 | -HS- | M] () -- C:\Users\Kevin\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/01/11 13:31:53 | 01,427,178 | -H-- | M] () -- C:\Users\Kevin\AppData\Local\IconCache.db
[2010/01/10 22:48:58 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E3C6FD00-1378-444C-9F6D-1CA4EB3D91DB}.job
[2010/01/09 20:22:12 | 00,000,913 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/01/09 20:21:38 | 00,000,733 | ---- | M] () -- C:\Users\Kevin\Desktop\NTREGOPT.lnk
[2010/01/09 20:21:38 | 00,000,714 | ---- | M] () -- C:\Users\Kevin\Desktop\ERUNT.lnk
[2010/01/09 20:20:54 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Kevin\Desktop\erunt_setup.exe
[2010/01/09 19:14:47 | 00,410,624 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\TFC.exe
[2010/01/08 23:17:54 | 00,001,822 | ---- | M] () -- C:\Users\Kevin\Desktop\LS-XHL050.lnk
[2010/01/08 23:17:38 | 00,000,960 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator.lnk
[2010/01/08 23:17:38 | 00,000,942 | ---- | M] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk
[2010/01/08 23:17:38 | 00,000,906 | ---- | M] () -- C:\Users\Kevin\Desktop\BUFFALO NAS Navigator.lnk
[2010/01/07 19:59:57 | 00,000,546 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Kevin.job
[2010/01/02 15:23:43 | 00,000,355 | ---- | M] () -- C:\Windows\win.ini
[2010/01/02 15:23:30 | 00,000,787 | ---- | M] () -- C:\Users\Kevin\Desktop\MediaWidget.lnk

========== Files Created - No Company Name ==========

[2010/01/11 19:01:32 | 00,284,915 | ---- | C] () -- C:\Users\Kevin\Desktop\gmer.zip
[2010/01/09 20:22:12 | 00,000,913 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/01/09 20:21:38 | 00,000,733 | ---- | C] () -- C:\Users\Kevin\Desktop\NTREGOPT.lnk
[2010/01/09 20:21:38 | 00,000,714 | ---- | C] () -- C:\Users\Kevin\Desktop\ERUNT.lnk
[2010/01/08 23:17:54 | 00,001,822 | ---- | C] () -- C:\Users\Kevin\Desktop\LS-XHL050.lnk
[2010/01/08 23:00:48 | 00,000,960 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator.lnk
[2010/01/08 23:00:48 | 00,000,942 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk
[2010/01/08 23:00:48 | 00,000,906 | ---- | C] () -- C:\Users\Kevin\Desktop\BUFFALO NAS Navigator.lnk
[2010/01/02 15:23:30 | 00,000,787 | ---- | C] () -- C:\Users\Kevin\Desktop\MediaWidget.lnk
[2009/09/10 19:36:41 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 14:07:42 | 00,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/07/28 11:06:48 | 00,014,344 | ---- | C] () -- C:\Windows\UN060501.INI
[2008/05/30 17:38:34 | 00,000,523 | ---- | C] () -- C:\Windows\System32\ucuiinfo.ini
[2008/05/28 20:49:50 | 00,000,059 | ---- | C] () -- C:\Windows\Form Workshop 500.ini
[2008/05/27 22:02:27 | 00,002,304 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2008/05/18 03:33:39 | 00,274,432 | ---- | C] () -- C:\Windows\System32\lxbtinst.dll
[2008/05/17 00:41:42 | 00,040,960 | ---- | C] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/31 04:18:34 | 00,005,404 | ---- | C] () -- C:\Windows\UN070209.INI
[2007/11/26 07:04:42 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/02/22 17:32:00 | 00,344,064 | ---- | C] () -- C:\Windows\System32\lxbtcoin.dll
[2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/08/18 05:26:46 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxbtvs.dll
[2005/05/25 08:07:26 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxbtcnv4.dll
[2000/09/08 16:53:50 | 00,073,839 | ---- | C] () -- C:\Windows\System32\KodakOneTouch.dll

========== LOP Check ==========

[2009/01/23 18:29:02 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Astraware
[2010/01/02 15:23:43 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\BSD
[2008/05/27 22:04:48 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\DisplayTune
[2008/08/21 12:15:25 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\ICAClient
[2010/01/08 22:44:05 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\NASNaviator2
[2008/05/17 01:00:57 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\SampleView
[2010/01/11 18:34:10 | 00,000,000 | ---D | M] -- C:\Users\Kevin\AppData\Roaming\Spare Backup
[2010/01/11 18:30:13 | 00,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/01/11 19:35:00 | 00,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{855985CC-FDA4-4FBF-A1E6-B0C5D5FEFD78}.job
[2010/01/10 22:48:58 | 00,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E3C6FD00-1378-444C-9F6D-1CA4EB3D91DB}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 04:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 04:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: AHCIX86S.SYS >
[2008/01/16 19:27:56 | 00,174,600 | ---- | M] (AMD Technologies Inc.) MD5=8DC09F3B54DDCAEB52E0DCFA1D55B26A -- C:\ATI\SUPPORT\8-5_vista32_dd_ccc_wdm_enu_63036\Packages\Drivers\SBDrv\SB7xx\RAID\LH\ahcix86s.sys
[2007/04/16 17:16:34 | 00,119,296 | ---- | M] (ATI Technologies Inc.) MD5=A5AC7B705166BF7CD07BB054BEEA8D03 -- C:\ATI\SUPPORT\8-5_vista32_dd_ccc_wdm_enu_63036\Packages\Drivers\SBDrv\SB6xx\RAID\LH64A\ahcix86s.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 01:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 01:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 02:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 02:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/05/18 02:07:01 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/05/18 02:07:01 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/05/18 02:07:00 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 04:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 02:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 02:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 04:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 01:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 01:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 02:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 04:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 02:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 02:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: NVSTOR32.SYS >
[2007/07/02 04:37:08 | 00,110,112 | ---- | M] (NVIDIA Corporation) MD5=A1CE1A6FD74C046F029448FCFA5E386D -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_efe24208\nvstor32.sys
[2007/08/09 17:12:30 | 00,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Windows\System32\drivers\nvstor32.sys
[2007/08/09 17:12:30 | 00,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_99d8b088\nvstor32.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 02:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 04:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 01:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 01:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/07/04 02:37:48 | 00,421,888 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009/03/08 06:31:42 | 00,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 06:31:37 | 00,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009/04/11 01:27:47 | 00,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 01:28:23 | 00,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >
< End of report >


EXTRAS
OTL Extras logfile created on: 1/11/2010 7:33:48 PM - Run 1
OTL by OldTimer - Version 3.1.24.0 Folder = C:\Users\Kevin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 454.76 Gb Total Space | 324.86 Gb Free Space | 71.44% Space Free | Partition Type: NTFS
Drive D: | 11.00 Gb Total Space | 4.14 Gb Free Space | 37.61% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 462.58 Gb Free Space | 99.32% Space Free | Partition Type: NTFS
Drive F: | 392.97 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-SIDEKICK
Current User Name: Kevin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" %*
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022A2452-ADA5-4F8D-940C-1437EF7C154C}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{03BBC814-EA11-4C24-91D6-E1E66348882F}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{03E97173-DE86-4DC3-8CA6-7A563113FF73}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{10DF0D66-993C-45BB-8E77-4E54E2B00A3B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{2564B3A4-4FF2-47A4-AED8-A61F1C5F57EB}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{2EDB5056-D7D0-4628-A51E-1DB9A43FB086}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3435E3E2-8229-4455-8E71-5812B4A55009}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{34901C8B-7007-4981-A298-E775F89BC887}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3E2008BF-88D5-40E6-8F64-9CB3D3819F7A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{48832037-7FFC-48AA-865E-AE4A1D854F23}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{488976CF-885F-40CB-8456-B8949E5EC584}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{613309E7-48A1-4F81-890B-335902D0140A}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{68E3C6EF-BCAB-4281-9BE0-EDCB52EA0C8A}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{714B27A6-CFA9-4314-A515-69F98F049EF9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{73B169A5-48EC-437E-9D71-DE5CCAC06C42}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{75BC8DDA-080D-4B7B-921A-0E5994B0EC3A}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{7F78F841-74E7-4442-8D8A-C775891B5E1B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{812DC479-1318-447B-8DAA-7D1FFBCDFF53}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{847C2605-B112-4F0A-86AF-1F861F7B95F1}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{8E1F9D5F-09AB-4104-9FA2-A8034DD29D8D}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9B5794A3-A824-42B2-8D15-9D127F0DD306}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A06B7811-EA2F-41CB-ABB2-22D29481005B}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{A3B542B8-A863-46B8-9B6C-5A403A95B71C}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AE1A20C4-490F-4984-B36D-7122F6194520}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{AEABB7FD-ED7F-4D1B-B9D8-2CC250CF8095}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B0D765EB-4FE9-4E8F-A422-3ABDD18547BE}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{BD02351F-8499-4EC1-90EB-B62AE1DC778D}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CB90624F-2ADD-48A8-9E83-DCEA4BBEF247}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{DC55C20A-2AB4-4079-9CA3-2AD2DFCECD84}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E20BF77F-9304-4243-83A5-95A5F13D240D}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E3787DCB-100D-4305-A265-1865C3BEFD5A}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EBBB08E6-42FF-468B-9A4A-DE42D07A3253}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{EEAC9FE2-AA21-4120-8BEC-ADD7274AFAB1}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{F081BBC4-6E98-49EE-9A54-DD9E0125C0FF}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F67D27F3-6AD8-4779-82F9-42C967C6C619}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{F788CD22-2DF7-4CC7-83F4-9DED4D5180FE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{FF1B8E58-6C4A-4C56-AE2A-6F2966AEC634}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FFBF91CF-96AC-4124-B46F-AF61EC69EAA2}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FFFF91D1-F9CA-4D88-8864-AF1654CB62D8}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E24E32-92E5-48DC-95D5-95B07E33F103}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{029651CC-7699-45B0-A0FC-BBBC94FA9525}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{06470889-F5D4-42B1-A799-B4A1522114B6}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{07060BC2-416E-4582-BB14-E80709C2BBA6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0998DE3E-871A-462E-BFAB-85AA02834860}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0F289C0C-2922-4143-8EEF-6AF5B236D1C5}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{104B34A5-1937-456C-B052-3686530993F7}" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"{1AADC9E5-ED59-445C-A3AE-87AAA773619E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1EA247EF-D2A8-4183-97D3-8DE3F4D23B4C}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbtpswx.exe |
"{20C05FEF-1B20-43A7-856F-18CDDF4E352F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{22C2A48C-D1D3-43FA-B8BD-06C43B5B5E2D}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{31397547-CF02-44B6-806C-E0BFBDCCF0AD}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{318908CE-8C6F-4B7B-96B6-64117821B1A3}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{35F36C9B-0216-45F0-90A0-622D9BE9D625}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3E5D0026-1AF0-49DB-BA48-DDD7ADCF9FB9}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3E9684E0-8FBE-4199-B2B0-4E39032A9F4D}" = protocol=17 | dir=in | app=c:\windows\system32\lxbtcoms.exe |
"{41F4F0E0-BC32-4EE0-AD20-F24304B5CF97}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{452CFA43-E175-4774-A273-4B4037A57ACD}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{4537A91D-B022-4F6B-8225-A2B8D808C292}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{45898146-27CC-4EFF-9A6B-E49D1DD28C1E}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4F3CD4F5-A286-4712-A5ED-2B057E754A54}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{514F1885-5729-4179-8A6D-483D25C2E2AB}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{591CE676-6AEB-49D4-8736-B3AEDD65D46B}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{63185438-5307-435C-88F5-9E7172E6A154}" = protocol=6 | dir=in | app=c:\windows\system32\lxbtcoms.exe |
"{6439D282-3C30-4008-B80D-0A5C571800B1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{692E5378-6BDA-4DB5-9469-B8E4BE33F5FE}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{7ECD43F2-7AEE-4B57-A310-62E32ADBEFFE}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{7EFCD924-7D94-451E-9F06-8A6ADFB60DE8}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{90622BAB-7EE3-48EB-937C-DF018F061A9E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{924C7F66-DFB2-42C3-A1FB-DFCE10F0F25C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{932D74DF-D405-4AAC-B638-210211AF1909}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{93D35127-B275-4548-98D7-28B4DD4B30C7}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{96A02364-EE8C-4852-9845-C82746B0BFC0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9893915C-887E-4801-9C5F-5BC147A6D237}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{99F4753C-1EBB-4453-B343-94DA9E2015DC}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9C36A21E-BD9B-41C5-8BD8-88CB35A8A02A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9DA16FF1-2848-4CEB-9C31-B7F06DDFAF4B}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{9DC306C7-9EDC-40EF-A074-B51A6493626B}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{9F1C9815-C3BA-4A50-B3F9-93055C576910}" = protocol=17 | dir=in | app=c:\program files\buffalo\nasnavi\nasnavi.exe |
"{A0C69007-09F3-4650-AB1F-525189A0AC3E}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A67E32B5-3384-45E1-85F3-8CA1D6DBC6A5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B9184E8D-4BD0-4CF6-AFFB-250E74065A50}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{BE6132DF-9CB4-4D60-9580-59EADCFF333D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C0C6113E-6401-438B-86B9-BEF0E32A5E34}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbtpswx.exe |
"{C7CFD8C5-4A01-4526-BD66-4F0D937215C4}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CFF19F7A-ABE8-4FEF-83E2-E38F80038FAF}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D18F5D6D-8A92-4A39-8D3F-968046F7DD0A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DB65352D-112B-49A0-9098-837381DD7536}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DE9A3AA0-A669-4A0D-8A82-ACC24184B3C9}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E6F812A8-313A-4213-8143-1F99C069D5D6}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EB1A4A4E-C2D3-4196-80B0-F9861AFBEDBE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ED9B4391-728B-46E4-B494-2C6049F7082F}" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"{FCECEF6B-5CA1-42DE-9A60-EF7EEA75A0E2}" = protocol=6 | dir=in | app=c:\program files\buffalo\nasnavi\nasnavi.exe |
"{FE78BBC8-AB31-4701-8A45-4D49C86661B0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15EEFF80-97EC-43C4-BDD4-50E4A8E3117D}" = Belkin N1 Wireless Desktop Card
"{17068829-10EE-4581-BDC8-C53C483694A3}" = Smart Copy
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Hi-Def Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23CA0F98-A245-A5CE-7340-1AB9FA295972}" = Catalyst Control Center Graphics Previews Common
"{243E9065-1DA0-4786-B3BD-B8030277F214}" = Logitech Harmony Remote Software 7
"{27EF9181-B4B4-5264-26C0-99AEAC32237B}" = Catalyst Control Center Core Implementation
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{32458328-19F8-4F80-A3EB-3DAABAB79F17}" = Symantec Real Time Storage Protection Component
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security
"{38441BE7-79B0-42B8-8297-833704F949FE}" = HLPIndex
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{45DB6A42-FA57-36BE-ED10-D957A2C40157}" = Catalyst Control Center Graphics Full New
"{48096E29-EE6A-0C47-4399-474A153CA0D8}" = Skins
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4F677FC7-7AA8-412B-A957-F13CBE1C7331}" = ESSSONIC
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5EC736EC-01D3-EED7-FF72-11CA7694D6F4}" = ccc-utility
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{6087F45E-358C-4173-8CB1-DE0AE26FFAE1}" = Catalyst Control Center - Branding
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E7DFE64-2331-995F-3C90-C475299FF714}" = CCC Help English
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{7F7CD46F-E36E-4FCB-AE62-614CD7F011B9}" = Bowflex i-Trainer
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{827C8DC6-5A16-11D7-AD8E-0050DA87D0EB}" = Form Workshop 500
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}" = ESSCT
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8DD94CA3-BCD2-49C0-B537-F3B5D95FF0C8}" = HLPSFO
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_OUTLOOKR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OUTLOOKR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OUTLOOKR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_OUTLOOKR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_OUTLOOKR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_OUTLOOKR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{91120000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2007
"{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A57C6094-FC5A-4DEC-B1E0-1B2F48EEE8F4}" = Spare Backup
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE715EB4-5AC3-F208-C1ED-2EA12E462B04}" = Catalyst Control Center HydraVision Full
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B668451D-B58A-4042-9500-BAF424598BF4}" = SymNet
"{B68ED296-D899-4573-AFFC-D3F6904785D4}" = HP Driver Diagnostics
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{C394977C-F372-648C-ACB0-DF7086F4ABC9}" = Catalyst Control Center Graphics Previews Vista
"{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB38AAE-AB46-D865-877F-E47E23E656FD}" = Catalyst Control Center Graphics Light
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D4B5BEA4-4E70-2505-5E03-A3D620475E60}" = Catalyst Control Center Graphics Full Existing
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{DA628D3D-1946-ABA1-FF67-FD3B980AFC15}" = ccc-core-static
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{E9459BCF-0982-498B-ABA7-26C34323493F}" = Citrix Presentation Server Client - Web Only
"{EE5EEDAF-F932-462B-A2CB-EEBDF819D5F5}" = Gateway Connect
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0F0802E-94B6-C513-0594-F4F96917A031}" = ATI Catalyst Install Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
"{F4955758-B754-471D-9091-7CE2C3D9E9AA}" = EzTune
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}" = ESSEMAIL
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F40&SUBSYS_200014F1" = Soft Data Fax Modem with SmartCP
"ComcastHSI" = Comcast High-Speed Internet Install Wizard
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5
"ERUNT_is1" = ERUNT 1.1j
"F91DE9EF5AFAFC25B8064CF689EDC53549D19E2E" = Windows Driver Package - ViXS Systems Inc. ViXS PureTV-U (05/29/2007 6.2.100.7)
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Lexmark 5200 Series" = Lexmark 5200 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaWidget - Easy iPod Transfer_is1" = MediaWidget 6.0
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"Money2007b" = Microsoft Money Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"OUTLOOKR" = Microsoft Office Outlook 2007 Trial
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"UN060501" = BUFFALO NAS Navigator
"UN070209" = Uninstall of File Security Tool
"WildTangent gateway Master Uninstall" = Gateway Games
"Windows Mobile Device Handbook" = HTC Touch Pro™ User Guide
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Astraware Astraware Boardgames for Windows Mobile" = Astraware Boardgames for Windows Mobile
"Astraware Astraware Casino for Windows Mobile" = Astraware Casino for Windows Mobile
"Astraware Astraware Sudoku for Windows Mobile" = Astraware Sudoku for Windows Mobile
"Astraware Bejeweled 2 for Windows Mobile" = Bejeweled 2 for Windows Mobile

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/7/2009 12:10:41 AM | Computer Name = Home-Sidekick | Source = System Restore | ID = 8193
Description =

Error - 4/7/2009 8:53:21 AM | Computer Name = Home-Sidekick | Source = EventSystem | ID = 4621
Description =

Error - 4/7/2009 9:54:52 AM | Computer Name = Home-Sidekick | Source = EventSystem | ID = 4621
Description =

Error - 4/7/2009 12:03:51 PM | Computer Name = Home-Sidekick | Source = System Restore | ID = 8193
Description =

Error - 4/7/2009 3:41:52 PM | Computer Name = Home-Sidekick | Source = EventSystem | ID = 4621
Description =

Error - 4/7/2009 4:31:51 PM | Computer Name = Home-Sidekick | Source = System Restore | ID = 8193
Description =

Error - 4/8/2009 7:29:26 PM | Computer Name = Home-Sidekick | Source = System Restore | ID = 8193
Description =

Error - 4/10/2009 1:56:42 PM | Computer Name = Home-Sidekick | Source = System Restore | ID = 8193
Description =

Error - 4/11/2009 12:04:55 AM | Computer Name = Home-Sidekick | Source = System Restore | ID = 8193
Description =

Error - 4/12/2009 12:00:01 AM | Computer Name = Home-Sidekick | Source = System Restore | ID = 8193
Description =

[ Media Center Events ]
Error - 12/4/2008 12:56:18 AM | Computer Name = Home-Sidekick | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 1/27/2009 6:43:17 AM | Computer Name = Home-Sidekick | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 1/9/2010 9:11:24 PM | Computer Name = Home-Sidekick | Source = Service Control Manager | ID = 7026
Description =

Error - 1/9/2010 9:14:01 PM | Computer Name = Home-Sidekick | Source = Service Control Manager | ID = 7034
Description =

Error - 1/9/2010 9:16:39 PM | Computer Name = Home-Sidekick | Source = Service Control Manager | ID = 7026
Description =

Error - 1/9/2010 11:01:45 PM | Computer Name = Home-Sidekick | Source = Service Control Manager | ID = 7026
Description =

Error - 1/10/2010 5:34:00 PM | Computer Name = Home-Sidekick | Source = DCOM | ID = 10010
Description =

Error - 1/11/2010 2:35:51 PM | Computer Name = Home-Sidekick | Source = Service Control Manager | ID = 7026
Description =

Error - 1/11/2010 3:41:54 PM | Computer Name = Home-Sidekick | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:08:14 PM on 1/11/2010 was unexpected.

Error - 1/11/2010 3:43:19 PM | Computer Name = Home-Sidekick | Source = Service Control Manager | ID = 7026
Description =

Error - 1/11/2010 7:22:39 PM | Computer Name = Home-Sidekick | Source = Service Control Manager | ID = 7034
Description =

Error - 1/11/2010 7:32:52 PM | Computer Name = Home-Sidekick | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP