Hi
The problem started when my one month mcafee subscription ran out and I installed the Windows Live One Care that came with the laptop. This dramatically slowed the computer down, so I uninstalled and installed a free avast anti virus, however the slow system has remained. Opening 1 internet page now has 100% CPU usage.
Malwarebytes' Anti-Malware 1.36
Database version: 2064
Windows 6.0.6001 Service Pack 1
01/05/2009 21:26:50
mbam-log-2009-05-01 (21-26-50).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 191205
Time elapsed: 3 hour(s), 24 minute(s), 7 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
OTListIt logfile created on: 01/05/2009 21:48:10 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.2 Folder = C:\Users\Gareth\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 88.56% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.04 Gb Total Space | 82.97 Gb Free Space | 57.60% Space Free | Partition Type: NTFS
Drive D: | 140.50 Gb Total Space | 140.41 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: GARETH-PC
Current User Name: Gareth
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ========== PRC - [2008/07/22 15:11:02 | 00,700,416 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\Ati2evxx.exe
PRC - [2008/07/22 15:11:02 | 00,700,416 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\Ati2evxx.exe
PRC - [2008/03/25 23:25:06 | 00,050,952 | ---- | M] (UPEK Inc.) -- C:\Program Files\Common Files\SPBA\upeksvr.exe
PRC - [2008/10/13 02:31:12 | 03,438,592 | ---- | M] (Arachnoid Biometrics Identification Group Corp.) -- C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
PRC - [2009/02/05 21:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/05 21:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008/04/17 15:14:48 | 00,102,712 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/03/18 05:27:12 | 00,013,312 | ---- | M] (Agere Systems) -- C:\Windows\system32\agrsmsvc.exe
PRC - [2009/03/06 01:04:30 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/03/03 21:11:14 | 00,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2008/01/17 02:35:02 | 00,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008/07/30 01:53:00 | 00,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/06/02 17:25:40 | 00,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/10/13 02:31:01 | 03,521,024 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
PRC - [2008/10/29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007/12/07 00:15:28 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2008/04/26 05:36:20 | 00,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2009/02/05 21:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/04/02 16:11:02 | 00,342,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/01/31 19:52:26 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/12/02 23:41:54 | 03,882,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2008/04/26 05:36:02 | 00,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2007/01/09 03:25:30 | 00,272,024 | ---- | M] () -- C:\Program Files\Cyberlink\Shared files\RichVideo.exe
PRC - [2009/01/07 13:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/01/21 14:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2008/12/04 17:03:00 | 00,226,640 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/12/08 14:33:48 | 01,173,384 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/04/09 16:09:05 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/02/05 21:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 21:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/01/21 03:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009/04/06 15:32:44 | 01,277,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2009/05/01 21:32:20 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\Gareth\Downloads\OTListIt2.exe
========== Win32 Services (SafeList) ========== SRV - [2008/04/17 15:14:48 | 00,102,712 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon [Auto | Running])
SRV - [2008/03/18 05:27:12 | 00,013,312 | ---- | M] (Agere Systems) -- C:\Windows\system32\agrsmsvc.exe -- (AgereModemAudio [Auto | Running])
SRV - [2009/03/06 01:04:30 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/02/05 21:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2008/07/22 15:11:02 | 00,700,416 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\Ati2evxx.exe -- (Ati External Event Utility [Auto | Running])
SRV - [2009/02/05 21:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009/02/05 21:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009/02/05 21:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Disabled | Stopped])
SRV - [2008/03/03 21:11:14 | 00,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc [Auto | Running])
SRV - [2008/01/17 02:35:02 | 00,081,504 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService [Auto | Running])
SRV - [2008/07/27 19:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/30 01:53:00 | 00,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service [Auto | Running])
SRV - [2008/01/21 03:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2008/06/02 17:25:40 | 00,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService [Auto | Running])
SRV - [2008/06/20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/01/31 19:52:21 | 00,024,064 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-080708-050100 [On_Demand | Stopped])
SRV - [2009/02/20 04:09:19 | 00,137,200 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/06/20 02:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/10/13 02:31:01 | 03,521,024 | ---- | M] () -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC [Auto | Running])
SRV - [2009/04/02 16:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2007/12/07 00:15:28 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])
SRV - [2008/06/20 02:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/04/26 05:36:20 | 00,045,056 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc [Auto | Running])
SRV - [2008/04/26 05:36:02 | 00,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 22:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/01/09 03:25:30 | 00,272,024 | ---- | M] () -- C:\Program Files\Cyberlink\Shared files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2009/01/07 13:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
SRV - [2009/01/21 14:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])
SRV - [2008/12/04 17:03:00 | 00,226,640 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2008/01/21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
SRV - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
========== Driver Services (SafeList) ========== DRV - [2008/01/21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2005/02/23 15:58:56 | 00,011,776 | ---- | M] (Arcsoft, Inc.) -- C:\Windows\system32\drivers\Afc.sys -- (Afc [On_Demand | Running])
DRV - [2008/03/21 05:13:00 | 01,203,776 | ---- | M] (Agere Systems) -- C:\Windows\system32\DRIVERS\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
DRV - [2008/05/28 07:47:08 | 00,171,016 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s [Boot | Running])
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/10/13 02:30:57 | 00,043,184 | ---- | M] (Alfa Corporation) -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF [Boot | Running])
DRV - [2008/01/21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2009/02/05 21:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\system32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2009/02/05 21:06:59 | 00,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\system32\DRIVERS\aswMonFlt.sys -- (aswMonFlt [Auto | Running])
DRV - [2009/02/05 21:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr [System | Running])
DRV - [2009/02/05 21:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2009/02/05 21:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2008/07/28 08:53:48 | 00,919,552 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\system32\DRIVERS\athr.sys -- (athr [On_Demand | Running])
DRV - [2008/07/22 15:58:00 | 03,885,568 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])
DRV - [2008/04/28 02:26:42 | 00,014,352 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie [Boot | Running])
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008/01/21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 14:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\system32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2008/01/21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/21 03:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2009/03/19 16:32:48 | 00,023,400 | ---- | M] (GEAR Software Inc.) -- C:\Windows\system32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/01/21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2007/01/26 07:32:18 | 00,069,632 | ---- | M] () -- C:\Windows\system32\drivers\int15.sys -- (int15 [Auto | Running])
DRV - [2008/08/19 11:03:28 | 02,161,760 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/07/22 12:58:00 | 00,047,616 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\system32\DRIVERS\L1E60x86.sys -- (L1E [On_Demand | Running])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008/01/30 10:52:06 | 00,014,848 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\system32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2008/01/17 02:35:08 | 00,122,368 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel [Auto | Running])
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2008/01/21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2009/04/25 11:39:07 | 00,130,936 | ---- | M] (PC Tools) -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore [Boot | Running])
DRV - [2008/07/30 01:53:10 | 00,018,992 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter [Boot | Running])
DRV - [2008/07/30 01:53:10 | 00,016,944 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\PSDNServ.sys -- (PSDNServ [Auto | Running])
DRV - [2008/07/30 01:53:12 | 00,060,464 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\PSDVdisk.sys -- (psdvdisk [Auto | Running])
DRV - [2008/01/21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2008/07/18 02:09:00 | 00,148,192 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService [On_Demand | Running])
DRV - [2008/06/06 03:01:50 | 00,062,464 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\drivers\RTSTOR.SYS -- (RTSTOR [On_Demand | Running])
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008/01/21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2008/04/25 03:08:42 | 00,199,472 | ---- | M] (Synaptics, Inc.) -- C:\Windows\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008/01/30 11:45:38 | 00,050,576 | ---- | M] (UPEK Inc.) -- C:\Windows\System32\Drivers\tcusb.sys -- (TcUsb [On_Demand | Running])
DRV - [2008/01/30 10:51:50 | 00,013,824 | ---- | M] (NewTech Infosystems Corporation) -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper [Boot | Running])
DRV - [2008/01/21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/11/07 15:23:30 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
DRV - [2008/05/29 01:54:20 | 00,022,072 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\system32\DRIVERS\usbfilter.sys -- (usbfilter [On_Demand | Running])
DRV - [2008/01/21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2007/03/28 15:51:40 | 00,043,008 | ---- | M] (Winbond Electronics Corporation) -- C:\Windows\system32\DRIVERS\winbondcir.sys -- (winbondcir [On_Demand | Running])
DRV - [2008/07/19 00:05:10 | 00,061,424 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running])
DRV - [2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy [On_Demand | Running])
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://en.us.acer.yahoo.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.acer.com/rdr.aspx?b=ACA ... pire_6530g IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.acer.com/rdr.aspx?b=ACA ... pire_6530gIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.uk/igIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.9
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/21 19:21:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/04/25 12:10:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.9\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/04/27 18:19:10 | 00,000,000 | ---D | M]
[2009/04/25 12:11:03 | 00,000,000 | ---D | M] -- C:\Users\Gareth\AppData\Roaming\mozilla\Extensions
[2009/04/25 12:11:03 | 00,000,000 | ---D | M] -- C:\Users\Gareth\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/25 12:11:03 | 00,000,000 | ---D | M] -- C:\Users\Gareth\AppData\Roaming\mozilla\Firefox\Profiles\v930r8wp.default\extensions
[2009/04/25 12:10:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/04/25 12:10:17 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/09 16:09:07 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/04/09 16:09:07 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2008/01/04 16:36:50 | 00,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2006/07/05 19:47:38 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/01/04 16:36:50 | 00,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2008/03/08 10:35:22 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/09/22 20:14:04 | 00,000,759 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2008/04/16 05:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/03/28 19:11:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/01/04 16:36:50 | 00,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" (PC Tools)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O20 - Winlogon\Notify\spba: DllName - C:\Program Files\Common Files\SPBA\homefus2.dll - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\system32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ========== [2009/05/01 17:27:53 | 00,000,000 | ---D | C] -- C:\Users\Gareth\AppData\Roaming\Malwarebytes
[2009/05/01 17:27:37 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/05/01 17:27:37 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/01 17:27:31 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/05/01 17:27:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/05/01 17:27:26 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/04/30 19:28:38 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2009/04/30 19:28:37 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2009/04/30 19:28:36 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/04/30 19:28:36 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2009/04/30 19:28:36 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2009/04/30 19:28:35 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/04/30 19:28:34 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2009/04/30 19:28:33 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2009/04/30 19:28:32 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2009/04/30 19:28:32 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2009/04/30 19:28:32 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/04/30 19:28:31 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2009/04/30 19:28:31 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2009/04/30 19:28:30 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2009/04/30 19:28:29 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/04/30 19:28:29 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/04/30 19:28:28 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2009/04/30 19:28:28 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/04/30 19:28:28 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2009/04/30 19:28:27 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2009/04/30 19:28:27 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/04/30 19:28:26 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[2009/04/30 19:28:26 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2009/04/30 19:28:25 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/04/30 19:28:24 | 00,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2009/04/30 19:28:24 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2009/04/30 19:28:24 | 00,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2009/04/30 19:28:24 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/04/30 19:28:23 | 00,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/04/30 19:28:22 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/04/30 19:28:21 | 00,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll
[2009/04/30 19:28:21 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2009/04/30 19:28:19 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2009/04/30 19:28:19 | 00,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2009/04/30 19:28:18 | 00,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2009/04/30 19:28:18 | 00,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2009/04/30 19:28:17 | 00,391,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/04/30 19:28:17 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2009/04/30 19:28:13 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2009/04/30 19:28:12 | 03,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2009/04/30 19:28:12 | 00,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2009/04/30 19:28:12 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2009/04/30 19:28:11 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/04/30 19:28:11 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2009/04/30 19:28:11 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/04/30 19:28:11 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2009/04/30 19:28:11 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2009/04/30 19:28:11 | 00,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2009/04/30 19:28:09 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/04/30 19:28:08 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/04/30 19:28:06 | 00,914,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/04/30 19:28:05 | 01,206,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/04/30 19:28:03 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/04/30 19:27:59 | 11,063,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/04/30 19:27:56 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/04/28 19:05:04 | 00,286,208 | ---- | C] () -- C:\Users\Gareth\Desktop\gmer.exe
[2009/04/25 17:10:16 | 00,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2009/04/25 17:09:32 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/04/25 12:11:04 | 00,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/04/25 12:10:55 | 00,000,000 | ---D | C] -- C:\Users\Gareth\AppData\Roaming\Mozilla
[2009/04/25 12:10:29 | 00,001,728 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/25 12:10:07 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/04/25 11:24:21 | 00,001,878 | ---- | C] () -- C:\Users\Gareth\Desktop\HijackThis.lnk
[2009/04/25 11:24:20 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/04/19 22:28:36 | 00,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll
[2009/04/19 22:28:35 | 03,599,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/04/19 22:28:34 | 03,547,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/04/19 22:28:30 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/04/19 22:28:29 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2009/04/19 22:28:29 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2009/04/19 22:28:29 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2009/04/19 22:28:29 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2009/04/19 22:28:29 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/04/19 22:28:28 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2009/04/19 22:28:18 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2009/04/19 22:28:18 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2009/04/19 22:28:13 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
[2009/04/19 22:27:15 | 01,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/04/19 22:27:14 | 00,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
[2009/04/19 22:27:13 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/04/19 22:27:12 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2009/04/19 22:27:12 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2009/04/19 22:03:20 | 00,000,844 | ---- | C] () -- C:\Users\Gareth\Desktop\Free Window Registry Repair.lnk
[2009/04/19 22:03:18 | 00,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2009/04/19 21:26:06 | 00,002,918 | ---- | C] () -- C:\Users\Gareth\Documents\cc_20090419_212602.reg
[2009/04/11 18:45:35 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/04/11 18:44:37 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/04/11 18:44:26 | 00,000,000 | ---D | C] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/04/11 18:44:25 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/04/05 21:56:16 | 00,001,596 | ---- | C] () -- C:\Users\Gareth\Documents\cc_20090405_215612.reg
[2009/04/05 21:06:06 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2009/04/05 21:06:06 | 00,001,853 | ---- | C] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/04/05 21:06:05 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2009/04/05 21:06:01 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2009/04/05 21:05:58 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2009/04/05 21:05:58 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2009/04/05 21:04:55 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2009/04/05 21:04:55 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2009/04/05 21:04:55 | 00,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009/04/05 21:04:50 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/02/02 19:07:30 | 00,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008/10/13 02:54:32 | 00,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/10/13 02:31:25 | 00,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2008/10/13 02:18:13 | 00,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008/10/13 02:18:13 | 00,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2008/07/11 14:29:59 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/07/11 14:29:59 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/07/11 14:05:17 | 00,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2008/07/11 14:04:53 | 00,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/07/11 14:04:13 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/07/11 14:03:56 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/01/26 07:32:18 | 00,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 11:23:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/27 00:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 07:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/31 00:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 06:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Files - Modified Within 30 Days ========== [2009/05/01 21:26:41 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/01 21:20:16 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/05/01 21:20:16 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/05/01 17:28:00 | 00,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/05/01 17:27:59 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/05/01 17:27:59 | 00,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/05/01 17:27:37 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/01 17:24:07 | 00,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2009/05/01 17:20:31 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/04/30 21:20:09 | 00,286,208 | ---- | M] () -- C:\Users\Gareth\Desktop\gmer.exe
[2009/04/30 19:45:18 | 00,299,560 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/04/25 17:10:16 | 00,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2009/04/25 12:11:04 | 00,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2009/04/25 12:10:29 | 00,001,728 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/04/25 11:39:07 | 00,130,936 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2009/04/25 11:24:21 | 00,001,878 | ---- | M] () -- C:\Users\Gareth\Desktop\HijackThis.lnk
[2009/04/19 22:03:20 | 00,000,844 | ---- | M] () -- C:\Users\Gareth\Desktop\Free Window Registry Repair.lnk
[2009/04/19 21:26:11 | 00,002,918 | ---- | M] () -- C:\Users\Gareth\Documents\cc_20090419_212602.reg
[2009/04/11 18:45:35 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/04/06 15:57:24 | 24,921,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mrt.exe
[2009/04/06 15:32:54 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/04/06 15:32:46 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/04/05 21:56:20 | 00,001,596 | ---- | M] () -- C:\Users\Gareth\Documents\cc_20090405_215612.reg
[2009/04/05 21:06:06 | 00,001,853 | ---- | M] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/04/05 21:05:56 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
========== Alternate Data Streams ========== @Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
OTListIt Extras logfile created on: 01/05/2009 21:48:10 - Run 1
OTListIt2 by OldTimer - Version 2.0.15.2 Folder = C:\Users\Gareth\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.77 Gb Available Physical Memory | 88.56% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.04 Gb Total Space | 82.97 Gb Free Space | 57.60% Space Free | Partition Type: NTFS
Drive D: | 140.50 Gb Total Space | 140.41 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: GARETH-PC
Current User Name: Gareth
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
File not found -- Reg Error: Unknown registry data type
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile
"EnableFirewall" = 1
"DisableNotifications" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts\List
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== {681C0628-4480-4CCB-9763-ED67925E5BC1} = LPORT=63331 | PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE ONECARE |
{8B18F7F5-9B71-416E-8F1E-C69F62DC2E76} = LPORT=1900 | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (SSDP-IN) | APP=SVCHOST.EXE | SVC=SSDPSRV |
{9D1360E6-7949-482D-A23A-9628468509B5} = LPORT=2869 | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (UPNP-IN) | APP=SYSTEM |
========== Vista Active Application Exception List ========== {15080BF7-59A0-492D-B49D-8328551EF62B} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{1C482208-A832-4835-9E3A-C470876ADA70} = DIR=IN | ACTION=ALLOW | NAME=ACER HOMEMEDIA | APP=C:\PROGRAM FILES\ACER ARCADE DELUXE\HOMEMEDIA\HOMEMEDIA.EXE |
{2074DDDA-6A76-4DD9-8B90-4D1EB7B805D2} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BACKUPSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\BACKUPSVC.EXE |
{33A3ED55-312C-4A28-9218-4A47F3A8C119} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=MICROSOFT OFFICE ONENOTE | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\ONENOTE.EXE |
{3AD0952B-9179-4784-BAE8-1819F07BC562} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=AGENTSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\CLIENT\AGENTSVC.EXE |
{5289D055-5DB6-4D5E-AAA4-6ACD53F92436} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=MICROSOFT OFFICE ONENOTE | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\ONENOTE.EXE |
{52E7D180-4E04-407C-A401-D2492377E5C0} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{640401B4-6D5F-4789-92E2-0F0A37BCB359} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{719BE244-1A09-4752-9049-C9E4DC2C48CB} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ITUNES | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{7F891A5B-61A2-4324-99EA-778792019E43} = DIR=IN | ACTION=ALLOW | NAME=ACER ARCADE DELUXE | APP=C:\PROGRAM FILES\ACER ARCADE DELUXE\ACER ARCADE DELUXE\ACER ARCADE DELUXE.EXE |
{83828E73-E67E-431E-B642-23D8522B6A89} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=SCHEDULERSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\SCHEDULERSVC.EXE |
{8E99E582-8885-4A50-84C7-A131DEFEB50E} = DIR=IN | ACTION=ALLOW | NAME=CYBERLINK POWERDIRECTOR | APP=C:\PROGRAM FILES\CYBERLINK\POWERDIRECTOR\PDR.EXE |
{A231B6F0-AEA8-4A84-AA63-F48FC382DFEC} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=AGENTSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\CLIENT\AGENTSVC.EXE |
{AFFC1EFE-D7AF-44C2-A153-0C56D1C69C2F} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BONJOUR | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
{B44BC2FD-0552-4440-9D6B-BDC7FCF32DED} = DIR=IN | ACTION=ALLOW | NAME=ACER PLAY MOVIE | APP=C:\PROGRAM FILES\ACER ARCADE DELUXE\PLAYMOVIE\PLAYMOVIE.EXE |
{B511639B-577C-43E4-A5EE-AFC4FE0CA430} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BACKUPSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\BACKUPSVC.EXE |
{B6E5E3EC-4364-4BBC-886C-18FA38F825FF} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE |
{E237ABC8-09B4-44BE-A51C-394B4A329E99} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=SCHEDULERSVC.EXE | APP=C:\PROGRAM FILES\NEWTECH INFOSYSTEMS\NTI BACKUP NOW 5\SCHEDULERSVC.EXE |
{E8B93811-6BD7-4514-A2FE-0DD407480E0A} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE CALL | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\WLCSDK.EXE |
{E9700AF9-72C1-4E75-B35C-4D594BF66D9F} = DIR=IN | ACTION=ALLOW | NAME=ACER PLAY MOVIE RESIDENT PROGRAM | APP=C:\PROGRAM FILES\ACER ARCADE DELUXE\PLAYMOVIE\PMVSERVICE.EXE |
{EBF1639C-EDE5-46D3-BC1B-7814E4AD749C} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BONJOUR | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
TCP Query User{44DEB1E2-FF0B-4903-8341-0C3581B6B695}C:\program files\mozilla firefox\firefox.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=FIREFOX | APP=C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE |
TCP Query User{6C099F3E-3AB7-40FE-BAF7-1E53CD2FAD02}C:\program files\spotify\spotify.exe = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=SPOTIFY | APP=C:\PROGRAM FILES\SPOTIFY\SPOTIFY.EXE |
UDP Query User{26D24CA6-2D93-43F9-ADDC-0AF5DE821785}C:\program files\spotify\spotify.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=SPOTIFY | APP=C:\PROGRAM FILES\SPOTIFY\SPOTIFY.EXE |
UDP Query User{BAFB329F-8174-4A71-A52F-F3D050F28CE8}C:\program files\mozilla firefox\firefox.exe = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=FIREFOX | APP=C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002097BB-4AFC-F885-A061-D674E5A7D586}" = Catalyst Control Center Localization Czech
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{02755AE5-6643-FF3B-E1B9-C35D88D1B519}" = Catalyst Control Center Core Implementation
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D0E5A72-16E4-2976-1BB6-9B1588FD1688}" = CCC Help Danish
"{0D7B6373-8A37-A1FD-8AB0-43AAD69A4173}" = CCC Help Portuguese
"{0DED2BE4-B8D3-6422-613D-79619C997D03}" = CCC Help Czech
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{12F0F9AE-14C1-D9B2-3627-4E7B2E3FCC62}" = Catalyst Control Center Localization Swedish
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{13EAEF04-7E24-F813-9F5E-588ABAB48DDF}" = Catalyst Control Center Localization Spanish
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1F9DFBC7-D9C5-2F90-EB8C-1BFAA992A264}" = CCC Help Spanish
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{223E1972-08A7-6232-B8BF-AEFB0D55F131}" = Catalyst Control Center Graphics Full New
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{28043791-BCD6-349E-1358-74E91F0CC056}" = CCC Help Japanese
"{28C0E907-7C72-7E55-C9D1-822635050011}" = Catalyst Control Center Localization Russian
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{29CF0734-CBA0-E24C-6CE4-CF8CCF65E9F1}" = Catalyst Control Center Localization French
"{29E9D72B-AFAB-5EDF-DF53-FE41147CDF44}" = CCC Help Greek
"{2E4AB89A-C177-40D5-B018-B0152D3F2305}" = Catalyst Control Center - Branding
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{31DC5AB6-0E15-97EF-F8C5-507D9A4254A2}" = Catalyst Control Center Localization Portuguese
"{3C4DF11D-CDB9-9FC4-68B2-0639C35D12B3}" = CCC Help Turkish
"{44353286-A029-E150-E0AC-D5A9A7354EDC}" = CCC Help French
"{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite
"{4D5FE96A-7708-CD37-FF52-C7E00D9E4E4C}" = Catalyst Control Center Localization Hungarian
"{505DF7A3-88D5-4DD6-9AD5-C98C2ED0CEC4}" = Windows Live Sign-in Assistant
"{5095E8BE-8C1F-EDDA-8E46-8EDA4ECCDC62}" = Catalyst Control Center Localization Dutch
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5BD279D5-67E0-9088-1A3D-12F51671021D}" = Catalyst Control Center Localization Norwegian
"{5C77247B-F8B6-FAF4-1681-B5DAE7E62312}" = CCC Help Hungarian
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{6090F363-5D4F-E7D7-5ED7-031A753C3384}" = ccc-utility
"{6252C234-C8D0-5B4F-A142-AC50DBF48718}" = Catalyst Control Center Localization Korean
"{641BC1FD-F2A2-1A40-DAF7-F5A96A96D4CB}" = Catalyst Control Center Localization Polish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C55D7E5-F296-4352-CB18-D53443D26B45}" = Catalyst Control Center Localization Italian
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7157B290-394E-30E1-3B1B-D46CB6913BC8}" = Catalyst Control Center Localization Thai
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7A1D1C2B-0F70-1914-CE8D-6A1E6C928AE8}" = CCC Help Chinese Standard
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}" = Flip Words 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D36BA0E-75EC-51FB-A7B0-EB7BA6BE0A05}" = CCC Help Korean
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92894D89-0A51-C4B4-39B4-C5460544F788}" = CCC Help Russian
"{9346230F-C4A8-17D3-D096-7E8367676DD1}" = ATI Catalyst Install Manager
"{9451B7F2-1745-99D0-DEBB-D589EAD4E96C}" = CCC Help Polish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO -viewer-
"{9E569D4E-7DB4-2EF9-4E14-786507F4415D}" = CCC Help Norwegian
"{9FB10BC7-66AF-74D8-730C-937D717D7179}" = CCC Help English
"{A15FA2C2-261B-EAB2-B966-8747ACC663BB}" = ccc-core-static
"{A2FAA089-E483-8F22-1EC4-DF063D35BC07}" = CCC Help German
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A73A8DFE-C038-771D-7E02-E10489D5FDE2}" = Catalyst Control Center InstallProxy
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8.3
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B12707C5-AC65-1931-DDB4-01BDF3E8199E}" = Catalyst Control Center Localization Chinese Standard
"{B7246337-1876-A73D-4BA1-F82580ECBEFB}" = Catalyst Control Center Localization German
"{BA4022C7-73DC-0475-66D5-42F848C8689C}" = Catalyst Control Center Localization Danish
"{C3998FFF-D1A7-6EDA-A875-1E682FF97C8B}" = CCC Help Dutch
"{C7EEC93A-2A61-4B1E-B696-A264680A889D}" = MobileMe Control Panel
"{C910E5DF-2963-E060-5788-60652960B779}" = CCC Help Chinese Traditional
"{C9AEF005-E9D0-5696-609B-223A1F5895F2}" = CCC Help Thai
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC9A7C19-5B95-738F-8874-CCBD3C953265}" = Catalyst Control Center Localization Turkish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D2951D23-EA51-8B7F-21A2-41F70CE18420}" = Catalyst Control Center Localization Finnish
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}" = Safari
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD7CF461-F5F3-B13D-EB0F-D693E93732A8}" = Catalyst Control Center Localization Japanese
"{DDC3E8AB-3642-69AF-92FE-5AF21BC7674E}" = CCC Help Swedish
"{E7FDC74E-1212-26E7-F3D3-017B7EAF465D}" = Catalyst Control Center Graphics Light
"{E962C12D-980F-3FD1-4668-EFE380BAAD66}" = CCC Help Italian
"{EB1DFFCD-0910-800A-B11A-15AD9386E524}" = Catalyst Control Center Localization Greek
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FD52F0AA-76EB-D838-EF16-BB157EE9351C}" = Catalyst Control Center Graphics Full Existing
"{FDBA1DEC-67ED-BC53-F667-C679FAC0B692}" = CCC Help Finnish
"{FE6C4A72-BB28-6E2D-3EE9-F0E37ECC7EFF}" = Catalyst Control Center Localization Chinese Traditional
"Acer Acer Bio Protection 6.0.00.16" = Acer Bio Protection
AAU 6.0.00.16
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast!" = avast! Antivirus
"Free Window Registry Repair" = Free Window Registry Repair
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.9)" = Mozilla Firefox (3.0.9)
"Spotify" = Spotify
"Spyware Doctor" = Spyware Doctor 6.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 27/03/2009 09:18:56 | Computer Name = Gareth-PC | Source = Application Hang | ID = 1002
Description = The program SpybotSD.exe version 1.4.0.3 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 940 Start Time: 01c9aeddbd2f7289 Termination Time: 39
Error - 27/03/2009 09:20:39 | Computer Name = Gareth-PC | Source = Application Hang | ID = 1002
Description = The program SpybotSD.exe version 1.4.0.3 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: f0 Start Time: 01c9aede9a6c6139 Termination Time: 43
Error - 27/03/2009 09:25:00 | Computer Name = Gareth-PC | Source = Application Hang | ID = 1002
Description = The program SpybotSD.exe version 1.4.0.3 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 174c Start Time: 01c9aeded7e8b4a9 Termination Time: 81
Error - 27/03/2009 09:28:44 | Computer Name = Gareth-PC | Source = EventSystem | ID = 4621
Description =
Error - 29/03/2009 11:55:19 | Computer Name = Gareth-PC | Source = Application Hang | ID = 1002
Description = The program mshta.exe version 7.0.6001.18000 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: b40 Start Time: 01c9b086aa15c7fa Termination Time: 95
Error - 29/03/2009 11:55:25 | Computer Name = Gareth-PC | Source = WinMgmt | ID = 10
Description =
Error - 29/03/2009 12:06:05 | Computer Name = Gareth-PC | Source = Application Hang | ID = 1002
Description = The program SpybotSD.exe version 1.4.0.3 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 17dc Start Time: 01c9b0875ec4ff20 Termination Time: 40
Error - 29/03/2009 12:26:34 | Computer Name = Gareth-PC | Source = Application Hang | ID = 1002
Description = The program SpybotSD.exe version 1.4.0.3 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 544 Start Time: 01c9b08adcaf9640 Termination Time: 40
Error - 29/03/2009 12:29:54 | Computer Name = Gareth-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6001.18164 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 778 Start Time: 01c9b0869af3643a Termination Time: 0
Error - 29/03/2009 12:38:29 | Computer Name = Gareth-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 16/03/2009 23:02:43 | Computer Name = Gareth-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 17/03/2009 14:27:16 | Computer Name = Gareth-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 17/03/2009 14:29:11 | Computer Name = Gareth-PC | Source = HTTP | ID = 15016
Description =
Error - 17/03/2009 17:52:39 | Computer Name = Gareth-PC | Source = HTTP | ID = 15016
Description =
Error - 17/03/2009 23:02:10 | Computer Name = Gareth-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 18/03/2009 23:00:40 | Computer Name = Gareth-PC | Source = DCOM | ID = 10010
Description =
Error - 18/03/2009 23:03:29 | Computer Name = Gareth-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 19/03/2009 18:19:36 | Computer Name = Gareth-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 21/03/2009 05:53:26 | Computer Name = Gareth-PC | Source = HTTP | ID = 15016
Description =
Error - 21/03/2009 05:59:07 | Computer Name = Gareth-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
< End of report >