Hi. Here are the OTL files.
Ron
OTL logfile created on: 30/10/2010 12:46:35 - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Vista User\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 49.00% Memory free
9.00 Gb Paging File | 7.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): c:\pagefile.sys 3113 4219d:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51.99 Gb Total Space | 10.34 Gb Free Space | 19.90% Space Free | Partition Type: NTFS
Drive D: | 51.98 Gb Total Space | 37.41 Gb Free Space | 71.97% Space Free | Partition Type: NTFS
Computer Name: VISTAUSER-PC | User Name: Vista User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Users\Vista User\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Norton PC Checkup\Engine\2.0.2.547\SymcPCCULaunchSvc.exe (Symantec Corporation)
PRC - C:\Users\Vista User\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe (Google)
PRC - C:\Users\Vista User\AppData\Local\Yahoo!\BrowserPlus\2.9.8\BrowserPlusCore.exe (Yahoo! Inc.)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\ShadowExplorer\sesvc.exe (
www.shadowexplorer.com)
PRC - C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
PRC - C:\Program Files\Norton PC Checkup\Engine\2.0.2.547\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc.)
PRC - C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
PRC - C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\PSIService.exe ()
========== Modules (SafeList) ========== MOD - C:\Users\Vista User\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\asoehook.dll (Symantec Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation)
MOD - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ========== SRV - (XAudioService) -- File not found
SRV - (nosGetPlusHelper) -- C:\Program Files\NOS\bin\getPlus_Helper_3001.dll File not found
SRV - (NMIndexingService) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe File not found
SRV - (Norton PC Checkup Application Launcher) -- C:\Program Files\Norton PC Checkup\Engine\2.0.2.547\SymcPCCULaunchSvc.exe (Symantec Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe (Symantec Corporation)
SRV - (sesvc) -- C:\Program Files\ShadowExplorer\sesvc.exe (
www.shadowexplorer.com)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (PCCUJobMgr) -- C:\Program Files\Norton PC Checkup\Engine\2.0.2.547\ccSvcHst.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
========== Driver Services (SafeList) ========== DRV - (ZTEusbser6k) -- C:\Windows\System32\DRIVERS\ZTEusbser6k.sys File not found
DRV - (ZTEusbnmea) -- C:\Windows\System32\DRIVERS\ZTEusbnmea.sys File not found
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys File not found
DRV - (XAudio) -- C:\Windows\System32\DRIVERS\xaudio.sys File not found
DRV - (upperdev) -- C:\Windows\System32\DRIVERS\usbser_lowerflt.sys File not found
DRV - (UIUSys) -- C:\Windows\System32\DRIVERS\UIUSYS.SYS File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (mdmxsdk) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (hwusbfake) -- C:\Windows\System32\DRIVERS\ewusbfake.sys File not found
DRV - (hwdatacard) -- C:\Windows\System32\DRIVERS\ewusbmdm.sys File not found
DRV - (HSXHWAZL) -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys File not found
DRV - (EraserUtilDrvI7) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI7.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20101028.001\IDSvix86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20101029.048\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\VirusDefs\20101029.048\NAVENG.SYS (Symantec Corporation)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20101001.001\BHDrvx86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1108000.005\SYMTDIV.SYS (Symantec Corporation)
DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1108000.005\Ironx86.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1108000.005\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1108000.005\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1108000.005\SRTSPX.SYS (Symantec Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1108000.005\ccHPx86.sys (Symantec Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1108000.005\SYMDS.SYS (Symantec Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (PSDNServ) -- C:\Windows\system32\drivers\PSDNServ.sys (HiTRUST)
DRV - (psdvdisk) -- C:\Windows\system32\drivers\psdvdisk.sys (HiTRUST)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (HiTRUST)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ialm) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys ()
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (Cam5607) -- C:\Windows\System32\drivers\BisonC07.sys (Bison Electronics. Inc. )
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://en.uk.acer.yahoo.com IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://global.acer.com [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://global.acer.com [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://uk.mg40.mail.yahoo.com/dc/launch ... 5b30d493ofIE - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://uk.search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-tyc"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-tyc"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://uk.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.4
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 44
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100119091315
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc&p="
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\IPSFFPlgn\ [2010/05/26 20:46:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn\ [2010/02/12 17:54:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/29 10:41:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/29 10:41:18 | 000,000,000 | ---D | M]
[2008/11/25 15:20:50 | 000,000,000 | ---D | M] -- C:\Users\Vista User\AppData\Roaming\mozilla\Extensions
[2008/11/25 15:20:50 | 000,000,000 | ---D | M] -- C:\Users\Vista User\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010/10/30 11:09:16 | 000,000,000 | ---D | M] -- C:\Users\Vista User\AppData\Roaming\mozilla\Firefox\Profiles\9nao40ic.default\extensions
[2010/04/29 17:55:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vista User\AppData\Roaming\mozilla\Firefox\Profiles\9nao40ic.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/06/28 17:07:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Vista User\AppData\Roaming\mozilla\Firefox\Profiles\9nao40ic.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/13 14:21:11 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Vista User\AppData\Roaming\mozilla\Firefox\Profiles\9nao40ic.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/10/19 18:46:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Vista User\AppData\Roaming\mozilla\Firefox\Profiles\9nao40ic.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/09/15 11:29:12 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Vista User\AppData\Roaming\mozilla\Firefox\Profiles\9nao40ic.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2008/12/17 16:39:37 | 000,000,000 | ---D | M] -- C:\Users\Vista User\AppData\Roaming\mozilla\Firefox\Profiles\9nao40ic.default\extensions\toolbar_extras@uk.yahoo.com
[2009/08/31 16:58:34 | 000,002,149 | ---- | M] () -- C:\Users\Vista User\AppData\Roaming\Mozilla\FireFox\Profiles\9nao40ic.default\searchplugins\MyStart Search.xml
[2010/10/22 12:30:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/29 17:54:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/02 11:08:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/22 12:30:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2008/09/04 01:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/11 21:56:27 | 000,031,920 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_IEGetPlugin.dll
O1 HOSTS File: ([2010/10/30 11:36:04 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94}
http://pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2}
http://bq.kp.2020.net/planner/Core/Play ... _Win32.cab (20-20 3D Viewer)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8}
http://host.cycore.net/plugins/windows/ ... .0.228.cab (Cult3D ActiveX Player)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
http://dlm.tools.akamai.com/dlmanager/v ... .2.4.1.cab (DLM Control)
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400}
http://www.myheritage.com/Genoogle/Comp ... eQuery.dll (CSEQueryObject Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F7A05BAC-9778-410A-9CDE-BFBD4D5D2B7F}
http://216.249.24.62/code/iPIX-ImageWell-ipix.cab (iPIX Media Send Class)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7}
http://utilities.pcpitstop.com/da2/PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Vista User\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Vista User\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/07 13:05:10 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\...com [@ = ComFile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-1347133558-1696348400-1136593757-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
========== Files/Folders - Created Within 30 Days ========== [2010/10/30 12:43:32 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Vista User\Desktop\OTL.exe
[2010/10/30 11:48:07 | 000,000,000 | ---D | C] -- C:\Users\Vista User\Documents\combofix
[2010/10/30 11:41:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/10/30 11:40:55 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/10/30 11:24:31 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/10/30 11:24:30 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/10/30 11:24:30 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/10/30 11:24:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/10/30 11:23:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/30 11:22:46 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/10/30 11:22:40 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/10/26 19:45:24 | 000,000,000 | ---D | C] -- C:\Users\Vista User\Desktop\hijack this
[2010/10/26 19:43:52 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/10/26 19:43:51 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/10/26 19:43:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/10/26 15:07:54 | 000,000,000 | ---D | C] -- C:\Users\Vista User\Documents\Hosts
[2010/10/26 13:02:22 | 000,000,000 | ---D | C] -- C:\ProgramData\PCPitstop
[2010/10/26 13:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\PCPitstop
[2010/10/25 18:30:55 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/10/25 18:27:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/10/25 17:42:10 | 000,000,000 | ---D | C] -- C:\Users\Vista User\Documents\Map Overlays
[2010/10/22 16:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2010/10/22 16:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2010/10/22 12:30:21 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/10/22 12:30:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/10/22 12:30:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/10/21 12:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Easy Transfer 7
[2010/10/20 18:25:02 | 000,000,000 | ---D | C] -- C:\Users\Vista User\AppData\Local\www.shadowexplorer.com
[2010/10/20 18:07:10 | 000,000,000 | ---D | C] -- C:\Program Files\ShadowExplorer
[2010/10/20 16:32:03 | 000,000,000 | ---D | C] -- C:\Users\Vista User\AppData\Roaming\Malwarebytes
[2010/10/20 16:31:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/10/20 16:31:51 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/10/20 16:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/20 16:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/19 15:01:42 | 000,000,000 | ---D | C] -- C:\Users\Vista User\AppData\Local\NPE
[2010/10/18 17:59:47 | 000,000,000 | ---D | C] -- C:\Users\Vista User\AppData\Roaming\vlc
[2010/10/16 14:48:19 | 000,000,000 | ---D | C] -- C:\Users\Vista User\AppData\Roaming\SUPERAntiSpyware.com
[2010/10/16 14:48:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/10/16 14:48:11 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/10/15 10:37:06 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/10/15 10:36:42 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/10/15 10:36:26 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/10/15 10:36:23 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/10/15 10:36:19 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010/10/15 10:36:19 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010/10/15 10:36:14 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/10/15 10:36:14 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/10/15 10:36:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/10/15 10:36:13 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/10/15 10:36:13 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/10/15 10:36:08 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/10/15 10:36:08 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/10/15 10:36:07 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/10/15 10:36:07 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/10/15 10:36:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/10/15 10:36:07 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/10/15 10:36:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/10/15 10:36:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/10/15 10:36:07 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/10/15 10:36:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/10/15 10:36:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/10/15 10:36:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/10/15 10:36:04 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/10/15 10:36:02 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/10/14 19:54:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\syncdb
[2010/10/13 12:11:02 | 000,108,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mswinsck.OCX
[2010/10/13 12:11:01 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSINET.OCX
[2010/10/11 13:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2010/10/11 13:24:51 | 000,000,000 | ---D | C] -- C:\Users\Vista User\Documents\Adobe
[2010/10/08 21:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\vso
[2010/10/06 19:19:47 | 000,000,000 | ---D | C] -- C:\Users\Vista User\Documents\Video to DVD Burner
[2010/10/05 20:52:30 | 000,000,000 | ---D | C] -- C:\Users\Vista User\Documents\tv license
[2010/09/30 17:08:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2008/12/13 16:25:16 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Vista User\AppData\Roaming\pcouffin.sys
[2006/12/07 13:18:24 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/10/30 12:43:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Vista User\Desktop\OTL.exe
[2010/10/30 12:19:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1347133558-1696348400-1136593757-1000UA.job
[2010/10/30 11:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/30 11:44:10 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/10/30 11:36:04 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/10/30 11:05:05 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/10/30 11:05:05 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/10/30 10:53:55 | 000,013,260 | ---- | M] () -- C:\Users\Vista User\AppData\Roaming\nvModes.dat
[2010/10/30 10:53:55 | 000,013,260 | ---- | M] () -- C:\Users\Vista User\AppData\Roaming\nvModes.001
[2010/10/30 10:53:49 | 000,000,436 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010/10/30 10:53:45 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/30 10:53:43 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/30 10:52:53 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/30 10:52:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/30 10:51:52 | 2951,397,376 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/29 18:33:24 | 003,894,257 | R--- | M] () -- C:\Users\Vista User\Desktop\ComboFix.exe
[2010/10/29 18:19:00 | 000,000,874 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1347133558-1696348400-1136593757-1000Core.job
[2010/10/29 10:45:16 | 000,133,632 | ---- | M] () -- C:\Users\Vista User\Desktop\RKUnhookerLE.EXE
[2010/10/28 18:21:27 | 000,084,992 | ---- | M] () -- C:\Windows\MBR.exe
[2010/10/25 18:27:46 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/10/22 16:19:27 | 000,016,968 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/10/20 12:15:53 | 000,001,356 | ---- | M] () -- C:\Users\Vista User\AppData\Local\d3d9caps.dat
[2010/10/19 21:51:33 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/10/19 17:51:30 | 000,001,659 | ---- | M] () -- C:\Users\Vista User\Desktop\Command Prompt.lnk
[2010/10/19 17:15:40 | 001,641,025 | ---- | M] () -- C:\Users\Vista User\Documents\http___us.norton.com_support_premium_services_malware_removal_guide.pdf
[2010/10/18 17:59:37 | 000,000,695 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/10/16 10:25:39 | 000,306,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/16 09:59:06 | 000,000,118 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2010/10/14 16:14:54 | 000,007,048 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2010/10/11 17:37:13 | 000,116,736 | RHS- | M] () -- C:\Windows\System32\mfc703.dll
[2010/10/09 10:14:19 | 000,002,437 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2010/10/08 20:34:54 | 000,001,691 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/10/30 11:24:31 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/10/30 11:24:31 | 000,084,992 | ---- | C] () -- C:\Windows\MBR.exe
[2010/10/30 11:24:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/10/30 11:24:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/10/30 11:24:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/10/29 18:33:09 | 003,894,257 | R--- | C] () -- C:\Users\Vista User\Desktop\ComboFix.exe
[2010/10/29 10:45:14 | 000,133,632 | ---- | C] () -- C:\Users\Vista User\Desktop\RKUnhookerLE.EXE
[2010/10/25 18:27:46 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/10/22 16:19:27 | 000,016,968 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/10/20 12:29:45 | 2951,397,376 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/19 17:51:30 | 000,001,659 | ---- | C] () -- C:\Users\Vista User\Desktop\Command Prompt.lnk
[2010/10/19 17:15:39 | 001,641,025 | ---- | C] () -- C:\Users\Vista User\Documents\http___us.norton.com_support_premium_services_malware_removal_guide.pdf
[2010/10/18 17:59:36 | 000,000,695 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/10/16 09:59:06 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010/10/11 17:37:13 | 000,116,736 | RHS- | C] () -- C:\Windows\System32\mfc703.dll
[2010/10/08 20:34:52 | 000,001,691 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/05/20 11:36:17 | 000,003,689 | ---- | C] () -- C:\Windows\jhvr_b24.ini
[2010/02/24 18:02:06 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2009/09/12 10:18:54 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/08/19 10:16:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/23 18:40:10 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009/02/10 22:14:42 | 000,024,206 | ---- | C] () -- C:\Users\Vista User\AppData\Roaming\UserTile.png
[2009/01/10 19:06:40 | 000,000,003 | ---- | C] () -- C:\Windows\System32\msrctp.ini
[2008/12/20 19:12:04 | 000,001,356 | ---- | C] () -- C:\Users\Vista User\AppData\Local\d3d9caps.dat
[2008/12/13 16:25:56 | 000,000,034 | ---- | C] () -- C:\Users\Vista User\AppData\Roaming\pcouffin.log
[2008/12/13 16:25:16 | 000,007,887 | ---- | C] () -- C:\Users\Vista User\AppData\Roaming\pcouffin.cat
[2008/12/13 16:25:16 | 000,001,144 | ---- | C] () -- C:\Users\Vista User\AppData\Roaming\pcouffin.inf
[2008/11/26 15:37:19 | 000,011,270 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2008/11/26 15:37:19 | 000,000,168 | RHS- | C] () -- C:\ProgramData\EBFCAC4176.sys
[2008/11/26 12:23:28 | 000,007,048 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/11/26 12:23:28 | 000,000,168 | RHS- | C] () -- C:\Windows\System32\9DC5C30FED.sys
[2008/11/25 22:59:21 | 000,010,752 | ---- | C] () -- C:\Users\Vista User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/25 21:26:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/11/25 16:54:56 | 000,004,488 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/11/18 17:52:11 | 000,015,190 | ---- | C] () -- C:\Windows\M2000T07.ini
[2008/11/18 12:21:55 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2008/11/18 12:21:55 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008/11/18 12:20:08 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2008/11/18 12:05:49 | 000,000,037 | ---- | C] () -- C:\Windows\Acer.ini
[2008/11/18 12:05:09 | 000,013,260 | ---- | C] () -- C:\Users\Vista User\AppData\Roaming\nvModes.001
[2008/11/18 12:05:02 | 000,013,260 | ---- | C] () -- C:\Users\Vista User\AppData\Roaming\nvModes.dat
[2007/01/02 19:54:14 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/01/02 19:53:54 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/01/02 19:53:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/01/02 19:52:40 | 000,037,376 | ---- | C] () -- C:\Windows\System32\MsnChatHook_org.dll
[2007/01/02 19:52:28 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/01/02 19:52:26 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/01/02 19:52:18 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 16:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/12/07 14:44:32 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2006/12/07 13:18:26 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2006/12/07 13:05:27 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\UBHelper.sys
[2006/12/07 13:04:14 | 000,198,144 | ---- | C] () -- C:\Windows\System32\_psisdecd.dll
[2006/12/02 08:24:39 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2006/12/02 08:24:39 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2006/12/02 08:24:39 | 000,204,800 | ---- | C] () -- C:\Windows\Capsule.dll
[2006/12/02 08:24:39 | 000,000,042 | ---- | C] () -- C:\Windows\PreLaunch.ini
[2006/12/02 08:24:38 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/27 00:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 07:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/31 00:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 06:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Alternate Data Streams ========== @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:242231A9
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:0B9D8E22
< End of report >
OTL Extras logfile created on: 30/10/2010 12:46:35 - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Vista User\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 49.00% Memory free
9.00 Gb Paging File | 7.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): c:\pagefile.sys 3113 4219d:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51.99 Gb Total Space | 10.34 Gb Free Space | 19.90% Space Free | Partition Type: NTFS
Drive D: | 51.98 Gb Total Space | 37.41 Gb Free Space | 71.97% Space Free | Partition Type: NTFS
Computer Name: VISTAUSER-PC | User Name: Vista User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-1347133558-1696348400-1136593757-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = ComFile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.js [@ = jsfile] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found
.txt [@ = txt_auto_file] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DisabledInterfaces" = {1B0FC5DE-E817-4556-AF9B-A879981DECB8},{67D5B339-A61F-41D1-ABC4-8A72BB01CD0C}
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{30B54185-3028-4F45-995D-D320FEBDA8DB}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{519F4B40-188D-4E10-8220-0D705F46F68B}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 |
"{66119A97-E30B-4CC6-B296-AFC9F2AB8817}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe |
"{71DBEE56-1E91-4154-86A4-2A909BE07B55}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe |
"{7CD06B0D-F173-4FB5-92A1-7C33415539C1}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 |
"{86603039-3C0F-4281-A9C9-C812F172938D}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe |
"{A917F24F-33D4-4CE6-A1E0-8C22910A88BD}" = rport=2869 | protocol=6 | dir=out | app=system |
"{AE8BB805-9672-42D4-B29F-2ACC6045CA7C}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe |
"{CA686F79-E49C-4A6D-B24A-7D74145A22A3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D292691C-017A-41D9-8542-DAB4940F9F24}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{D80D679C-440A-4D58-9453-876804EC4DA5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E9291034-D08D-46DE-B523-2532E9DC316F}" = lport=49159 | protocol=6 | dir=in | name=akamai netsession interface |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0883EFEB-8A75-4575-A3EB-FA8AECF7475B}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{132CCF05-A9B4-4A76-899F-3D5F383B5745}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{199F91E1-415F-4E45-8FF3-BB4D489822A4}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{458CF7C5-2C60-4323-B4D2-534B28FC7B2A}" = protocol=17 | dir=in | app=c:\users\vista user\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{5D066C6C-F1DD-43B0-AD6F-F9E9EB9A5025}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{6418DFE6-1BCA-45C4-960F-5A203B9B64D3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{66342D41-8DEB-4D04-9270-36938D3BA2AA}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{72BADA08-984F-4069-A5AC-53E21AD87631}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7B492361-4B35-48BC-8311-B0D48EB1295E}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{876A966C-EE93-49C3-B1EC-1DE5F84D07CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{958CC127-30B5-43B7-B0E6-4F3D343F6BDF}" = protocol=17 | dir=in | app=c:\users\vista user\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{A0E7CC27-D826-4520-AE6D-249955D7F0F9}" = dir=out | svc=sharedaccess | app=c:\windows\system32\svchost.exe |
"{A53F2ED5-0DF9-4DDD-B26C-D0F623B40C61}" = protocol=6 | dir=in | app=d:\program files\ea games\battlefield 2\bf2.exe |
"{B4CFF8DC-8AB2-4E5B-AB1F-503E94466906}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BCB09164-CCB1-4CA2-ADB5-07DD2FA57724}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe |
"{C27EA940-9427-44F1-9D4D-000823DCE74E}" = protocol=6 | dir=in | app=c:\users\vista user\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{F30CD73B-7FFF-4825-8DB6-CE54EB6BCC0B}" = protocol=6 | dir=in | app=c:\users\vista user\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{F6668DA4-B315-40DB-82CA-E88BBC1976BA}" = protocol=17 | dir=in | app=d:\program files\ea games\battlefield 2\bf2.exe |
"{FFD549C9-1AC3-4189-9202-4BD4EB05C3C3}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411" = CanoScan LiDE 70
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 22
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Acer OrbiCam
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{58F58158-8DFE-31DA-AC1F-7E5D89A0F74F}" = Google Talk Plugin
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{6009F2FC-EC56-4e28-B91C-0BA5104D6419}" = SF_CDA_Software
"{601F42A9-8B4F-4650-A472-4CA8325E3E87}" = D6100
"{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}" = Acrobat.com
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{714B6179-84C4-4FBE-B934-B6CF75ED37A5}" = D6100_D7100_D7300_Help
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DB27D3-FE05-4227-AF5A-11CD101ECF09}" = Corel Graphics - Windows Shell Extension
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78225D0F-D12C-09E4-5D6D-A64D763E8982}" = BBC iPlayer Desktop
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9718521B-A345-4ad9-A52B-74D1435FB708}" = SF_CDA_ProductContext
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{981DE354-9301-440f-AAFC-025AA2354A93}" = HP Deskjet & Photosmart Printer Driver Software 8.0.A
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = 3Connect
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEEAE013-92F1-4515-B278-139F1A692A35}" = Acer eDataSecurity Management
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B3FB6B55-C271-44FC-BA03-BBD8B2EA6EEF}" = Memory-Map OS Edition Version 5
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}" = WinZip 11.2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer OrbiCam
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.1.0 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"FastStone Image Viewer" = FastStone Image Viewer 3.6
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"HitmanPro35" = Hitman Pro 3.5
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"Huawei Modems" = Huawei modem
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"LManager" = Launch Manager
"Magic DVD Copier_is1" = Magic DVD Copier Version 4.9.1
"Magic DVD Ripper_is1" = Magic DVD Ripper V5.3 build 7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NIS" = Norton Internet Security
"NortonPCCheckup" = Norton PC Checkup
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"ShadowExplorer_is1" = ShadowExplorer 0.7
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.4
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Search Defender" = Yahoo! Search Protection
"YInstHelper" = Yahoo! Install Manager
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1347133558-1696348400-1136593757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 19/11/2009 09:04:24 | Computer Name = VistaUser-PC | Source = Application Hang | ID = 1002
Description = The program TomTomHOMERuntime.exe version 1.9.1.3443 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1328 Start Time: 01ca6918a182138b Termination Time: 289
Error - 20/11/2009 10:47:17 | Computer Name = VistaUser-PC | Source = Google Update | ID = 20
Description =
Error - 20/11/2009 13:43:28 | Computer Name = VistaUser-PC | Source = Application Hang | ID = 1002
Description = The program MagicDVDCopier.exe version 4.9.0.0 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1300 Start Time: 01ca69fccd495250 Termination Time: 279
Error - 20/11/2009 13:56:23 | Computer Name = VistaUser-PC | Source = Application Hang | ID = 1002
Description = The program Cdmkr32.exe version 7.7.0.9 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 1dc8 Start Time: 01ca6a0aa0ddd430 Termination Time: 28
Error - 20/11/2009 13:58:03 | Computer Name = VistaUser-PC | Source = Application Hang | ID = 1002
Description = The program Cdmkr32.exe version 7.7.0.9 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 1924 Start Time: 01ca6a0ad9eb1580 Termination Time: 29
Error - 20/11/2009 14:45:48 | Computer Name = VistaUser-PC | Source = Application Hang | ID = 1002
Description = The program MagicDVDCopier.exe version 4.9.0.0 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 934 Start Time: 01ca6a0b17cbfef0 Termination Time: 2335
Error - 20/11/2009 16:23:00 | Computer Name = VistaUser-PC | Source = Application Error | ID = 1000
Description = Faulting application MagicDVDCopier.exe, version 4.9.0.0, time stamp
0x494606f1, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x00000000, process id 0x1624, application start time
0x01ca6a193598e660.
Error - 23/11/2009 13:26:32 | Computer Name = VistaUser-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18828, time stamp
0x4a9600c9, faulting module yt.dll, version 2008.7.28.1, time stamp 0x488da12a,
exception code 0xc0000005, fault offset 0x00056d54, process id 0x11a0, application
start time 0x01ca6c60fa660c37.
Error - 23/11/2009 19:03:20 | Computer Name = VistaUser-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18828 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 17bc Start Time: 01ca6c1e4bb24927 Termination Time: 0
Error - 27/11/2009 05:00:09 | Computer Name = VistaUser-PC | Source = Google Update | ID = 20
Description =
[ System Events ]
Error - 29/10/2010 12:20:47 | Computer Name = VistaUser-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 17:16:39 on 29/10/2010 was unexpected.
Error - 29/10/2010 12:21:49 | Computer Name = VistaUser-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 29/10/2010 12:21:49 | Computer Name = VistaUser-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 29/10/2010 12:22:02 | Computer Name = VistaUser-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 30/10/2010 05:53:38 | Computer Name = VistaUser-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 30/10/2010 05:53:38 | Computer Name = VistaUser-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 30/10/2010 05:53:45 | Computer Name = VistaUser-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 30/10/2010 06:26:34 | Computer Name = VistaUser-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 30/10/2010 06:26:36 | Computer Name = VistaUser-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 30/10/2010 06:36:09 | Computer Name = VistaUser-PC | Source = Service Control Manager | ID = 7030
Description =
< End of report >