Diagnostic Report (1.9.0011.0):
-----------------------------------------
WGA Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-XY9X3-JDXYP-6CJ97
Windows Product Key Hash: xFQJU8srKsovk6p1Lk1yW93in4E=
Windows Product ID: 89578-OEM-7332157-00211
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.0.6001.2.00010300.1.0.003
ID: {B81D88C0-1EB9-4F6A-A128-29AA11F85B8A}(1)
Is Admin: Yes
TestCab: 0x0
WGA Version: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows Vista (TM) Home Premium
Architecture: 0x00000000
Build lab: 6001.vistasp1_gdr.090805-0102
TTS Error:
Validation Diagnostic:
Resolution Status: N/A
WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
WGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 100 Genuine
Microsoft Office Home and Student 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{B81D88C0-1EB9-4F6A-A128-29AA11F85B8A}</UGUID><Version>1.9.0011.0</Version><OS>6.0.6001.2.00010300.1.0.003</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-6CJ97</PKey><PID>89578-OEM-7332157-00211</PID><PIDType>2</PIDType><SID>S-1-5-21-887134994-1243305392-2542070696</SID><SYSTEM><Manufacturer>Acer</Manufacturer><Model>Aspire X3200</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>R01-B3</Version><SMBIOSVersion major="2" minor="5"/><Date>20090401000000.000000+000</Date></BIOS><HWID>C7333507018400F2</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>ACRSYS</OEMID><OEMTableID>ACRPRDCT</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><Val>7B346FE747BB70E</Val><Hash>PxJQkgQsrWdg+R2ep+lnGj0uQSQ=</Hash><Pid>81602-903-6966942-68734</Pid><PidType>1</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->
Software licensing service version: 6.0.6001.18000
Name: Windows(TM) Vista, HomePremium edition
Description: Windows Operating System - Vista, OEM_SLP channel
Activation ID: bffdc375-bbd5-499d-8ef1-4f37b61c895f
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 89578-00146-321-500211-02-1033-6001.0000-2762009
Installation ID: 258364052235584650673735192781181785029685568030734233
Processor Certificate URL:
http://go.microsoft.com/fwlink/?LinkID=43473Machine Certificate URL:
http://go.microsoft.com/fwlink/?LinkID=43474Use License URL:
http://go.microsoft.com/fwlink/?LinkID=43476Product Key Certificate URL:
http://go.microsoft.com/fwlink/?LinkID=43475Partial Product Key: 6CJ97
License Status: Licensed
HWID Data-->
N/A, hr = 0x8007000d
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20000
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ACRSYS ACRPRDCT
FACP ACRSYS ACRPRDCT
HPET ACRSYS ACRPRDCT
MCFG ACRSYS ACRPRDCT
SSDT PTLTD POWERNOW
SLIC ACRSYS ACRPRDCT
OTL logfile created on: 28/11/2009 10:40:33 - Run 1
OTL by OldTimer - Version 3.1.11.1 Folder = C:\Users\adam\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 80.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.15 Gb Total Space | 90.41 Gb Free Space | 64.98% Space Free | Partition Type: NTFS
Drive D: | 74.50 Gb Total Space | 47.70 Gb Free Space | 64.03% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 142.94 Gb Total Space | 142.84 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ADAM
Current User Name: adam
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2009/11/28 10:39:25 | 00,535,040 | ---- | M] (OldTimer Tools) -- C:\Users\Adam\Downloads\OTL.exe
PRC - [2009/11/27 13:49:14 | 00,478,208 | ---- | M] () -- C:\Windows\System32\qtplugin.exe
PRC - [2009/11/19 19:30:32 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/11/19 19:30:31 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009/11/19 19:30:31 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/19 19:30:31 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/19 19:30:31 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/11/19 19:30:31 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/11/19 19:30:17 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2009/11/19 19:30:17 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/11/19 18:53:17 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/29 06:54:44 | 01,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/10/06 13:41:56 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/09/21 15:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/09/02 14:27:36 | 25,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/09/02 14:27:36 | 00,077,360 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
PRC - [2009/08/28 18:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/03 19:05:02 | 00,238,888 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
PRC - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/08 13:48:48 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/03/11 19:11:14 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/02/06 16:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/12/08 17:57:00 | 00,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2008/10/29 06:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/01 19:44:00 | 00,319,488 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
PRC - [2008/10/01 19:43:56 | 00,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/09/23 22:11:34 | 00,144,632 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008/07/30 01:53:00 | 00,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/07/30 01:52:50 | 00,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008/06/13 04:17:38 | 00,241,734 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2008/05/21 01:50:50 | 00,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008/03/26 05:21:30 | 05,369,856 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/29 20:25:10 | 00,598,016 | ---- | M] () -- C:\Program Files\bin32\nSvcAppFlt.exe
PRC - [2008/01/29 20:24:46 | 00,163,840 | ---- | M] () -- C:\Program Files\bin32\nSvcIp.exe
PRC - [2008/01/21 02:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/01/21 02:24:59 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008/01/21 02:24:54 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2008/01/21 02:23:32 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2005/01/29 01:09:42 | 00,876,649 | ---- | M] (BT Voyager Corporation) -- C:\Windows\System32\bcmwltry.exe
PRC - [2005/01/29 01:09:42 | 00,696,422 | ---- | M] (BT Voyager Corporation) -- C:\Windows\System32\wltray.exe
PRC - [2005/01/19 10:01:22 | 00,065,536 | ---- | M] () -- C:\Windows\System32\wltrysvc.exe
========== Modules (SafeList) ========== MOD - [2009/11/28 10:39:25 | 00,535,040 | ---- | M] (OldTimer Tools) -- C:\Users\Adam\Downloads\OTL.exe
MOD - [2009/11/19 19:30:38 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2009/03/11 19:11:16 | 00,014,032 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2008/01/21 02:23:44 | 01,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
========== Win32 Services (SafeList) ========== SRV - [2009/11/19 19:30:17 | 00,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2009/11/19 19:30:17 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/09/21 15:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/08/28 18:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 13:48:48 | 00,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/03/11 19:11:14 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/12/08 17:57:00 | 00,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2008/10/01 19:43:56 | 00,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/09/23 22:11:34 | 00,144,632 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/09/23 22:11:32 | 00,050,424 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/07/30 01:53:00 | 00,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/07/03 05:51:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2008/06/13 04:17:38 | 00,241,734 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2008/05/21 01:50:50 | 00,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008/01/29 20:25:10 | 00,598,016 | ---- | M] () -- C:\Program Files\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008/01/29 20:24:46 | 00,163,840 | ---- | M] () -- C:\Program Files\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2008/01/21 02:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/24 11:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 22:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/01/19 10:01:22 | 00,065,536 | ---- | M] () -- C:\Windows\System32\wltrysvc.exe -- (wltrysvc)
SRV - [2002/12/17 16:26:22 | 07,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 16:23:30 | 00,311,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
========== Driver Services (SafeList) ========== DRV - [2009/11/19 19:30:38 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/11/19 19:30:34 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/11/19 19:30:34 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/10/21 17:37:49 | 00,047,360 | ---- | M] (VSO Software) -- C:\Windows\System32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2009/10/03 17:26:12 | 00,017,801 | ---- | M] (Meetinghouse Data Communications) -- C:\Windows\System32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2009/09/16 09:22:48 | 00,214,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 09:22:48 | 00,079,816 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 09:22:48 | 00,040,552 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 09:22:48 | 00,035,272 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 09:22:14 | 00,034,248 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/07/16 11:32:26 | 00,130,424 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/04/30 22:03:08 | 06,754,712 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam E3500(UVC)
DRV - [2009/04/06 12:19:46 | 00,023,064 | ---- | M] (Screaming Bee LLC) -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2008/12/10 15:56:26 | 00,017,792 | ---- | M] (Avnex) -- C:\Windows\System32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV - [2008/12/08 17:57:00 | 07,391,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/10/01 18:04:16 | 00,012,832 | ---- | M] (Acer, Inc.) -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/07/30 01:53:12 | 00,060,464 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk)
DRV - [2008/07/30 01:53:10 | 00,018,992 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2008/07/30 01:53:10 | 00,016,944 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2008/03/26 10:35:54 | 02,103,512 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/03/22 15:18:44 | 00,043,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/01/30 09:52:06 | 00,014,848 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008/01/30 09:51:50 | 00,013,824 | ---- | M] (NewTech Infosystems Corporation) -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2008/01/29 05:55:00 | 01,042,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/25 12:02:02 | 00,140,832 | ---- | M] () -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008/01/21 02:24:12 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/01/21 02:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 02:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 02:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 02:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 02:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 02:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 02:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 02:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 02:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 02:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 02:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 02:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 02:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 02:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 02:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 02:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 02:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 02:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 02:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 02:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 02:23:21 | 00,073,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/21 02:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 02:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 02:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 02:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 02:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/12 08:53:10 | 00,013,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/09/25 14:59:46 | 00,015,152 | ---- | M] () -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2006/11/02 09:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 09:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 09:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 09:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 09:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 09:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 09:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 09:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 09:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 09:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 09:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 08:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 08:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 08:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 08:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 08:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 08:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 07:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 06:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.acer.com/rdr.aspx?b=ACA ... pire_x3200IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.acer.com/rdr.aspx?b=ACA ... pire_x3200 IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-887134994-1243305392-2542070696-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.acer.com/rdr.aspx?b=ACA ... pire_x3200IE - HKU\S-1-5-21-887134994-1243305392-2542070696-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://global.acer.com [binary data]
IE - HKU\S-1-5-21-887134994-1243305392-2542070696-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-21-887134994-1243305392-2542070696-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-887134994-1243305392-2542070696-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://global.acer.com [binary data]
IE - HKU\S-1-5-21-887134994-1243305392-2542070696-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.acer.com/rdr.aspx?b=ACA ... pire_x3200IE - HKU\S-1-5-21-887134994-1243305392-2542070696-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-887134994-1243305392-2542070696-1000\S-1-5-21-887134994-1243305392-2542070696-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-887134994-1243305392-2542070696-1000\S-1-5-21-887134994-1243305392-2542070696-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://facebook.com"
FF - prefs.js..extensions.enabledItems:
toolbar@ask.com:3.5.1.110
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701
FF - prefs.js..extensions.enabledItems: {fffe0eac-3819-4561-8aa9-178a68450d4f}:1.9
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2009/10/05 17:29:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/11/19 19:30:17 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/19 18:53:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/26 09:54:10 | 00,000,000 | ---D | M]
[2009/10/17 15:50:04 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Mozilla\Extensions
[2009/10/17 15:50:04 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Mozilla\Extensions\contact@callgraph.in
[2009/11/27 13:50:26 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\nfqifbzn.default\extensions
[2009/11/02 19:03:08 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\nfqifbzn.default\extensions\{fffe0eac-3819-4561-8aa9-178a68450d4f}
[2009/11/21 10:53:51 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\nfqifbzn.default\extensions\toolbar@ask.com
[2009/11/14 16:37:40 | 00,002,653 | ---- | M] () -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\nfqifbzn.default\searchplugins\kickasstorrents.xml
[2009/11/28 10:33:25 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/03/09 23:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2009/11/19 18:53:20 | 00,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/11/19 18:53:20 | 00,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/11/19 18:53:21 | 00,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/11/19 18:53:21 | 00,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-887134994-1243305392-2542070696-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RegistryMonitor1] C:\Windows\System32\qtplugin.exe ()
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [wltray.exe] C:\Windows\System32\wltray.exe (BT Voyager Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-887134994-1243305392-2542070696-1000..\Run: [irnnf] C:\Users\adam\Downloads\dhifele.exe File not found
O4 - HKU\S-1-5-21-887134994-1243305392-2542070696-1000..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-21-887134994-1243305392-2542070696-1000..\Run: [syvts] C:\Users\adam\Downloads\audntpv.exe File not found
O4 - HKU\S-1-5-21-887134994-1243305392-2542070696-1000..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (nvrtm) - File not found
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ========== [2009/11/28 10:38:13 | 00,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2009/11/28 10:37:20 | 00,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2009/11/26 09:59:24 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/11/26 09:58:29 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/11/25 11:27:14 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2009/11/24 12:09:13 | 00,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\Temporary Projects
[2009/11/24 11:49:33 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Resource Kits
[2009/11/23 21:47:12 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2009/11/23 21:46:07 | 00,000,000 | ---D | C] -- C:\Users\adam\Documents\Visual Studio 2008
[2009/11/23 21:45:55 | 00,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\Microsoft Help
[2009/11/23 21:43:36 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2009/11/23 21:43:15 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2009/11/21 10:46:42 | 00,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\ImgBurn
[2009/11/21 10:36:44 | 00,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2009/11/21 10:18:51 | 00,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2009/11/19 19:30:40 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/11/19 19:30:38 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2009/11/19 19:30:38 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/11/19 19:30:34 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/11/19 19:30:34 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/11/19 19:30:33 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2009/11/19 19:30:17 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/11/19 19:30:16 | 00,000,000 | ---D | C] -- C:\ProgramData\avg9
[2009/11/19 18:40:39 | 00,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2009/11/19 17:58:35 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/11/19 16:36:44 | 02,035,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2009/11/19 16:35:38 | 00,195,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2009/11/18 21:06:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/11/18 21:06:21 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/11/18 20:45:38 | 00,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\Malwarebytes
[2009/11/18 20:45:31 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/18 20:45:31 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/11/15 20:29:43 | 00,000,000 | ---D | C] -- C:\Program Files\Quantum
[2009/11/13 13:33:31 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2009/11/11 13:53:14 | 00,000,000 | ---D | C] -- C:\Users\Adam\AppData\Local\LogiShrd
[2009/11/11 13:52:41 | 00,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\Leadertech
[2009/11/11 13:49:36 | 00,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2009/11/11 13:49:35 | 00,000,000 | ---D | C] -- C:\Program Files\Logitech
[2009/11/11 13:41:25 | 00,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\Blitware
[2009/11/11 13:41:22 | 00,000,000 | ---D | C] -- C:\Program Files\Driver Robot
[2009/11/11 11:28:09 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2009/11/11 11:28:09 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi(543).dll
[2009/11/09 22:03:10 | 00,000,000 | ---D | C] -- C:\Program Files\Web Site Change Monitor
[2009/11/06 20:26:40 | 00,000,000 | ---D | C] -- C:\Games
[2009/11/02 16:28:54 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/11/01 16:28:02 | 00,000,000 | ---D | C] -- C:\.jagex_cache_32
[2009/10/21 17:37:49 | 00,047,360 | ---- | C] (VSO Software) -- C:\Users\Adam\AppData\Roaming\pcouffin.sys
[2009/01/09 16:51:34 | 00,049,152 | R--- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
========== Files - Modified Within 30 Days ========== [2009/11/28 10:41:47 | 00,012,800 | ---- | M] () -- C:\Windows\System32\tdlclk.dll
[2009/11/28 10:39:54 | 02,097,152 | -HS- | M] () -- C:\Users\adam\NTUSER.DAT
[2009/11/28 10:37:37 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/28 10:37:37 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/28 10:37:34 | 45,855,703 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/11/28 10:37:15 | 00,105,805 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/11/28 10:36:47 | 00,024,064 | ---- | M] () -- C:\Windows\System32\tdlcmd.dll
[2009/11/28 10:36:37 | 00,717,234 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/11/28 10:36:37 | 00,617,772 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/11/28 10:36:37 | 00,113,132 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/11/28 10:32:54 | 00,021,107 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2009/11/28 10:32:02 | 00,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2009/11/28 10:31:55 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/28 10:31:45 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/28 10:31:08 | 29,511,72096 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/28 10:31:01 | 00,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2009/11/27 23:16:10 | 00,524,288 | -HS- | M] () -- C:\Users\adam\NTUSER.DAT{7e1dcd69-d522-11de-9516-0016e3b4ac37}.TMContainer00000000000000000001.regtrans-ms
[2009/11/27 23:16:10 | 00,065,536 | -HS- | M] () -- C:\Users\adam\NTUSER.DAT{7e1dcd69-d522-11de-9516-0016e3b4ac37}.TM.blf
[2009/11/27 23:15:50 | 03,422,575 | -H-- | M] () -- C:\Users\adam\AppData\Local\IconCache.db
[2009/11/27 23:12:23 | 00,000,038 | ---- | M] () -- C:\Users\adam\jagex_runescape_preferences.dat
[2009/11/27 23:11:05 | 00,000,063 | ---- | M] () -- C:\Users\adam\jagex_runescape_preferences2.dat
[2009/11/27 13:49:14 | 00,478,208 | ---- | M] () -- C:\Windows\System32\qtplugin.exe
[2009/11/25 16:49:05 | 00,001,558 | ---- | M] () -- C:\Users\Public\Desktop\Pool Sharks.lnk
[2009/11/21 10:36:48 | 00,001,654 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2009/11/21 09:41:51 | 00,297,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/11/20 21:18:06 | 00,034,816 | ---- | M] () -- C:\Users\adam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/20 14:20:30 | 00,000,049 | ---- | M] () -- C:\Windows\wininit.ini
[2009/11/19 19:30:38 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2009/11/19 19:30:38 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/11/19 19:30:38 | 00,001,651 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2009/11/19 19:30:34 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/11/19 19:30:34 | 00,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2009/11/19 19:30:34 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/11/19 19:30:33 | 06,061,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2009/11/19 19:30:33 | 00,492,629 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2009/11/19 17:58:35 | 00,001,878 | ---- | M] () -- C:\Users\adam\Desktop\HijackThis.lnk
[2009/11/19 16:17:46 | 00,065,024 | ---- | M] () -- C:\Windows\System32\g98iu.ge
[2009/11/19 16:17:46 | 00,032,768 | ---- | M] () -- C:\Windows\System32\4fh5u.bbv
[2009/11/19 16:17:04 | 00,070,104 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2009/11/19 16:16:50 | 00,008,224 | ---- | M] () -- C:\Users\adam\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/11/19 16:13:49 | 00,524,288 | -HS- | M] () -- C:\Users\adam\NTUSER.DAT{7e1dcd69-d522-11de-9516-0016e3b4ac37}.TMContainer00000000000000000002.regtrans-ms
[2009/11/19 16:12:38 | 05,505,024 | -HS- | M] () -- C:\Users\adam\ntuser.dat_previous
[2009/11/19 16:12:37 | 00,524,288 | -HS- | M] () -- C:\Users\adam\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009/11/19 16:12:37 | 00,065,536 | -HS- | M] () -- C:\Users\adam\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2009/11/11 14:04:58 | 00,134,158 | ---- | M] () -- C:\Users\adam\Documents\Driver Analysis for ADAM.html
[2009/11/08 20:50:59 | 00,035,840 | ---- | M] () -- C:\Users\adam\Desktop\Types of Business.doc
[2009/11/07 11:56:21 | 00,000,671 | ---- | M] () -- C:\Users\adam\AppData\Roaming\vso_ts_preview.xml
[2009/11/02 20:42:06 | 00,195,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2009/11/02 16:35:56 | 00,042,098 | ---- | M] () -- C:\Users\adam\Documents\cc_20091102_163455.reg
[2009/10/29 20:01:10 | 00,112,737 | ---- | M] () -- C:\Users\adam\Documents\Untitled.wma
[2009/10/29 19:35:57 | 00,144,056 | ---- | M] () -- C:\Users\adam\Documents\~emo_penguin~_29_10_2009@19_35_00.wav
[2009/10/29 19:32:10 | 00,227,256 | ---- | M] () -- C:\Users\adam\Documents\~emo_penguin~_29_10_2009@19_31_19.wav
========== Files Created - No Company Name ========== [2009/11/27 13:49:17 | 00,478,208 | ---- | C] () -- C:\Windows\System32\qtplugin.exe
[2009/11/25 16:49:05 | 00,001,558 | ---- | C] () -- C:\Users\Public\Desktop\Pool Sharks.lnk
[2009/11/21 16:51:05 | 00,024,064 | ---- | C] () -- C:\Windows\System32\tdlcmd.dll
[2009/11/21 16:51:05 | 00,012,800 | ---- | C] () -- C:\Windows\System32\tdlclk.dll
[2009/11/21 11:42:52 | 00,000,063 | ---- | C] () -- C:\Users\adam\jagex_runescape_preferences2.dat
[2009/11/21 11:42:48 | 00,000,038 | ---- | C] () -- C:\Users\adam\jagex_runescape_preferences.dat
[2009/11/21 10:36:48 | 00,001,654 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2009/11/20 14:20:30 | 00,000,049 | ---- | C] () -- C:\Windows\wininit.ini
[2009/11/19 19:30:38 | 00,001,651 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2009/11/19 19:30:34 | 00,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2009/11/19 19:30:33 | 45,855,703 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/11/19 19:30:33 | 06,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2009/11/19 19:30:33 | 00,492,629 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2009/11/19 19:30:33 | 00,105,805 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/11/19 17:58:35 | 00,001,878 | ---- | C] () -- C:\Users\adam\Desktop\HijackThis.lnk
[2009/11/19 16:27:42 | 29,511,72096 | -HS- | C] () -- C:\hiberfil.sys
[2009/11/19 16:17:46 | 00,065,024 | ---- | C] () -- C:\Windows\System32\g98iu.ge
[2009/11/19 16:17:46 | 00,032,768 | ---- | C] () -- C:\Windows\System32\4fh5u.bbv
[2009/11/19 16:13:49 | 00,524,288 | -HS- | C] () -- C:\Users\adam\NTUSER.DAT{7e1dcd69-d522-11de-9516-0016e3b4ac37}.TMContainer00000000000000000002.regtrans-ms
[2009/11/19 16:13:49 | 00,524,288 | -HS- | C] () -- C:\Users\adam\NTUSER.DAT{7e1dcd69-d522-11de-9516-0016e3b4ac37}.TMContainer00000000000000000001.regtrans-ms
[2009/11/19 16:13:49 | 00,065,536 | -HS- | C] () -- C:\Users\adam\NTUSER.DAT{7e1dcd69-d522-11de-9516-0016e3b4ac37}.TM.blf
[2009/11/11 14:04:57 | 00,134,158 | ---- | C] () -- C:\Users\adam\Documents\Driver Analysis for ADAM.html
[2009/11/08 20:50:58 | 00,035,840 | ---- | C] () -- C:\Users\adam\Desktop\Types of Business.doc
[2009/11/02 16:35:04 | 00,042,098 | ---- | C] () -- C:\Users\adam\Documents\cc_20091102_163455.reg
[2009/10/29 20:01:10 | 00,112,737 | ---- | C] () -- C:\Users\adam\Documents\Untitled.wma
[2009/10/29 19:35:57 | 00,144,056 | ---- | C] () -- C:\Users\adam\Documents\~emo_penguin~_29_10_2009@19_35_00.wav
[2009/10/29 19:32:10 | 00,227,256 | ---- | C] () -- C:\Users\adam\Documents\~emo_penguin~_29_10_2009@19_31_19.wav
[2009/10/21 17:39:41 | 00,000,671 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\vso_ts_preview.xml
[2009/10/21 17:38:57 | 00,000,034 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\pcouffin.log
[2009/10/21 17:37:49 | 00,087,608 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\inst.exe
[2009/10/21 17:37:49 | 00,007,887 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\pcouffin.cat
[2009/10/21 17:37:49 | 00,001,144 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\pcouffin.inf
[2009/10/20 17:21:59 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009/10/03 18:55:05 | 00,034,816 | ---- | C] () -- C:\Users\Adam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/03 17:20:37 | 00,003,126 | ---- | C] () -- C:\Windows\System32\bcmwlhom.ini
[2009/04/30 21:39:36 | 00,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/01/09 18:29:31 | 00,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009/01/09 18:19:34 | 00,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2009/01/09 16:50:50 | 00,140,832 | ---- | C] () -- C:\Windows\System32\drivers\nvstor32.sys
[2006/11/02 12:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/10/11 08:23:13 | 00,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2006/10/11 08:23:13 | 00,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
========== LOP Check ========== [2009/10/14 21:07:10 | 00,000,000 | -HSD | M] -- C:\Users\Adam\AppData\Roaming\.#
[2009/01/09 19:00:58 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Acer GameZone Console
[2009/11/11 13:41:25 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Blitware
[2009/10/20 17:14:13 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Broad Intelligence
[2009/10/17 15:55:47 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Call Graph
[2009/11/21 10:58:15 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\ImgBurn
[2009/11/11 13:52:41 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Leadertech
[2009/11/17 16:13:58 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Pamela
[2009/10/08 15:00:34 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Publish Providers
[2009/10/11 21:20:40 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Screaming Bee
[2009/10/17 15:50:02 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Sedna Wireless
[2009/10/08 15:00:17 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Sony
[2009/11/25 11:27:52 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\uTorrent
[2009/11/07 11:56:22 | 00,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Vso
[2009/01/09 19:00:58 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2009/01/09 19:00:58 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2009/01/09 18:45:09 | 00,000,340 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2009/01/09 18:45:09 | 00,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2009/11/27 23:16:03 | 00,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8927A071
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:F3176E45
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:AB689DEA
< End of report >
OTL Extras logfile created on: 28/11/2009 10:40:33 - Run 1
OTL by OldTimer - Version 3.1.11.1 Folder = C:\Users\adam\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 80.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.15 Gb Total Space | 90.41 Gb Free Space | 64.98% Space Free | Partition Type: NTFS
Drive D: | 74.50 Gb Total Space | 47.70 Gb Free Space | 64.03% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
Drive F: | 142.94 Gb Total Space | 142.84 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ADAM
Current User Name: adam
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-887134994-1243305392-2542070696-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Call Graph\CallGraph.exe" = C:\Program Files\Call Graph\CallGraph.exe:*:Enabled:Call Graph -- (Sedna Wireless Pvt. Ltd.)
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B3BD8997-9D18-47E1-B6E2-068FE3EC5FC4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E62DAF2C-8598-46FD-B8B3-0E83DAC84894}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B0C78D2-7ADC-4984-A9D1-D6D05618A9CB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0ECF67CA-E2E5-4227-98AD-7E5041870380}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{260D36EC-BFF1-417F-9F69-1E6233A337DC}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{3D1738B4-81E6-4FB4-8C9D-9740D05FA8D0}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe |
"{48DFC21C-4822-455F-97A8-03312C781709}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{494F9213-68CC-4502-8D77-185E9101379D}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4C2D7F88-7D92-4C74-8B1E-A37C69711D24}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{51E241A9-08C5-4929-9D72-43998DB0451D}" = dir=in | app=c:\program files\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe |
"{688EAAA3-7F09-4B07-9977-1E2E354D1512}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{6E1904C6-84DD-417F-961C-7A94BA1C5F39}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{6F22ED40-E2E5-4CAF-B284-875028F9F1DE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{70B33D1B-9842-4640-B548-950033B3FD13}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe |
"{7158EF49-5F3C-41A3-87D4-63E4C4F5A8BF}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{7A20E3DB-4149-4A97-BD3C-2CFE96486C21}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{8D7C629B-7083-411A-AAEF-726FA9F2C512}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{923651EF-EE7F-4C09-9D8C-D9C046AD4612}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9BFA568F-2824-4031-8F3C-D3E945B57705}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe |
"{A4BD36C2-436E-474B-8E87-8A1F363023DF}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{B250137B-2D02-4FCF-8266-0E5F1FC90925}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{C6486727-4A0B-4C6E-8EB0-05C866EF9711}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe |
"{D148ABC9-1C87-4671-BD22-3F58D9C9FE9B}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{D3A3ED19-0A51-4A92-97CA-1BE615F009B7}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{D87F7A91-FEE4-47C9-B303-19FB93F39F1F}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{D9CD915F-5525-4EF1-A01E-BC0B526620D6}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{DB018657-922E-4F1B-92EC-07C71CDDD84A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{DED6288D-8A0A-4C72-A187-D2E2C5C8B043}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0FD0FF9D-C87C-47C4-AEC5-98C760E783E7}" = BT Voyager Wireless Utility
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{19451766-07CE-4A79-9A6A-61FC0395C319}" = FINAL FANTASY XI: Wings of the Goddess
"{1EB8607F-C1F8-476E-9D54-AFD8CDA09B6B}" = FINAL FANTASY XI: Treasures of Aht Urhgan
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{251C3815-7A55-4607-A82D-C3B98F0FBAB8}" = Sony Vegas 7.0a
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{45105F2B-0294-4354-A92A-5D1F575E24A5}" = FINAL FANTASY XI
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{47004155-7376-403E-89E9-4C9F44AAF0D0}" = PlayOnline Viewer & Tetra Master
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{71A41426-C7A4-4DCF-A9ED-C5B4B105ED1D}" = Sony Media Manager 2.2
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.3.4.106e
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}" = Alien Shooter
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111940693}" = Bookworm Adventures
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4 1.3
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A4CC41E4-2AED-448D-9D1C-61EB028C2C6D}" = FINAL FANTASY XI: Rise of the Zilart
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A82B049B-14E7-4E0E-946D-024AC4050EF8}" = PlayOnline Viewer & Tetra Master
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A9110D4F-86DC-46DC-A1E6-097692C2D2FF}" = FINAL FANTASY XI: Chains of Promathia
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F429ED71-4A8B-457A-85E4-F6398CE73E58}" = AV Input Selection
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acez Mp3 Wav Converter v3.0_is1" = Acez Mp3 Wav Converter v3.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG9Uninstall" = AVG Free 9.0
"Call Graph" = Call Graph
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ffdshow_is1" = ffdshow [rev 3097] [2009-10-08]
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ImgBurn" = ImgBurn
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{19451766-07CE-4A79-9A6A-61FC0395C319}" = FINAL FANTASY XI: Wings of the Goddess
"InstallShield_{1EB8607F-C1F8-476E-9D54-AFD8CDA09B6B}" = FINAL FANTASY XI: Treasures of Aht Urhgan
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{45105F2B-0294-4354-A92A-5D1F575E24A5}" = FINAL FANTASY XI
"InstallShield_{47004155-7376-403E-89E9-4C9F44AAF0D0}" = PlayOnline Viewer & Tetra Master
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{A4CC41E4-2AED-448D-9D1C-61EB028C2C6D}" = FINAL FANTASY XI: Rise of the Zilart
"InstallShield_{A82B049B-14E7-4E0E-946D-024AC4050EF8}" = PlayOnline Viewer & Tetra Master
"InstallShield_{A9110D4F-86DC-46DC-A1E6-097692C2D2FF}" = FINAL FANTASY XI: Chains of Promathia
"LastFM_is1" = Last.fm 1.5.4.24567
"MediaCoder" = MediaCoder 0.7.2.4526
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"mIRC" = mIRC
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"MSC" = McAfee SecurityCenter
"NVIDIA Drivers" = NVIDIA Drivers
"Pamela" = Pamela Standard 4.6
"Pool Sharks" = Pool Sharks 2.1
"VLC media player" = VLC media player 1.0.2
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-887134994-1243305392-2542070696-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SwiftKit" = SwiftKit
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 11/11/2009 13:17:09 | Computer Name = Adam | Source = Application Error | ID = 1000
Description = Faulting application Starter.exe, version 1.0.0.1, time stamp 0x4aedaeb3,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000096, fault offset 0x09512a3b, process id 0x35c, application start time 0x01ca62f2b7ddec81.
Error - 11/11/2009 18:42:10 | Computer Name = Adam | Source = WinMgmt | ID = 10
Description =
Error - 12/11/2009 06:20:23 | Computer Name = Adam | Source = WinMgmt | ID = 10
Description =
Error - 12/11/2009 10:47:25 | Computer Name = Adam | Source = WinMgmt | ID = 10
Description =
Error - 12/11/2009 15:00:18 | Computer Name = Adam | Source = ESENT | ID = 474
Description = wlcomm (3508) C:\Users\adam\AppData\Local\Microsoft\Windows Live Contacts\{4c2e8e39-20fc-43ca-82b4-2f01ed407eb9}\:
The database page read from the file "C:\Users\adam\AppData\Local\Microsoft\Windows
Live Contacts\{4c2e8e39-20fc-43ca-82b4-2f01ed407eb9}\DBStore\contacts.edb" at offset
4268032 (0x0000000000412000) (database page 520 (0x208)) for 8192 (0x00002000)
bytes failed verification due to a page checksum mismatch. The expected checksum
was 203784775063799070 (0x02d3fd2c584f851e) and the actual checksum was 1063147212346548596
(0x0ec10ec1bfdce174). The read operation will fail with error -1018 (0xfffffc06).
If this condition persists then please restore the database from a previous backup.
This problem is likely due to faulty hardware. Please contact your hardware vendor
for further assistance diagnosing the problem.
Error - 12/11/2009 15:18:26 | Computer Name = Adam | Source = Application Hang | ID = 1002
Description = The program msnmsgr.exe version 14.0.8089.726 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: c34 Start Time: 01ca63a70671858b Termination Time: 210
Error - 12/11/2009 15:21:01 | Computer Name = Adam | Source = Application Hang | ID = 1002
Description = The program msnmsgr.exe version 14.0.8089.726 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 28c Start Time: 01ca63cced3bdbdb Termination Time: 729
Error - 12/11/2009 17:12:28 | Computer Name = Adam | Source = Application Error | ID = 1000
Description = Faulting application Starter.exe, version 1.0.0.1, time stamp 0x4aedaeb3,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000096, fault offset 0x14402a3b, process id 0x418, application start time 0x01ca63dcc09da30b.
Error - 13/11/2009 09:30:04 | Computer Name = Adam | Source = WinMgmt | ID = 10
Description =
Error - 13/11/2009 10:10:19 | Computer Name = Adam | Source = Application Hang | ID = 1002
Description = The program pol.exe version 1.18.12.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 12ec Start Time: 01ca646af891e140 Termination Time: 389
[ Media Center Events ]
Error - 01/11/2009 07:03:17 | Computer Name = Adam | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (5564.1128)
Error - 01/11/2009 07:03:17 | Computer Name = Adam | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (5564.1129)
Error - 19/11/2009 04:59:38 | Computer Name = Adam | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (4796.1128)
Error - 19/11/2009 04:59:38 | Computer Name = Adam | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (4796.1129)
Error - 19/11/2009 04:59:44 | Computer Name = Adam | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (4796.1128)
Error - 19/11/2009 04:59:44 | Computer Name = Adam | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (4796.1129)
Error - 19/11/2009 05:59:57 | Computer Name = Adam | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (5408.1128)
Error - 19/11/2009 05:59:57 | Computer Name = Adam | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (5408.1129)
Error - 19/11/2009 06:00:03 | Computer Name = Adam | Source = MCUpdate | ID = 0
Description = Error connecting to the internet. (5408.1128)
Error - 19/11/2009 06:00:03 | Computer Name = Adam | Source = MCUpdate | ID = 0
Description = Unable to contact server.. (5408.1129)
[ System Events ]
Error - 22/10/2009 05:49:18 | Computer Name = Adam | Source = HTTP | ID = 15016
Description =
Error - 22/10/2009 05:51:31 | Computer Name = Adam | Source = DCOM | ID = 10010
Description =
Error - 23/10/2009 04:54:42 | Computer Name = Adam | Source = HTTP | ID = 15016
Description =
Error - 23/10/2009 04:56:56 | Computer Name = Adam | Source = DCOM | ID = 10010
Description =
Error - 23/10/2009 17:25:54 | Computer Name = Adam | Source = HTTP | ID = 15016
Description =
Error - 23/10/2009 17:28:17 | Computer Name = Adam | Source = DCOM | ID = 10010
Description =
Error - 24/10/2009 05:44:39 | Computer Name = Adam | Source = HTTP | ID = 15016
Description =
Error - 24/10/2009 05:46:55 | Computer Name = Adam | Source = DCOM | ID = 10010
Description =
Error - 25/10/2009 05:35:28 | Computer Name = Adam | Source = HTTP | ID = 15016
Description =
Error - 25/10/2009 05:37:46 | Computer Name = Adam | Source = DCOM | ID = 10010
Description =
< End of report >