OTL Extras logfile created on: 4/1/2008 12:45:25 PM - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\joey\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19222) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.75 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 47.98% Memory free 7.71 Gb Paging File | 5.61 Gb Available in Paging File | 72.77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 137.11 Gb Total Space | 3.79 Gb Free Space | 2.77% Space Free | Partition Type: NTFS Drive D: | 140.98 Gb Total Space | 136.66 Gb Free Space | 96.94% Space Free | Partition Type: NTFS Drive F: | 702.31 Mb Total Space | 612.42 Mb Free Space | 87.20% Space Free | Partition Type: UDF Computer Name: RENT1ST-PC | User Name: joey | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 1 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = CD 50 AB D6 7C DD CA 01 [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01917B9D-1A63-44CA-ABD7-62D3AA8BD1DD}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe | "{0A461956-F194-48E3-B0F9-9A062108D64A}" = rport=445 | protocol=6 | dir=out | app=system | "{10F9B3BA-C4CB-49AE-8156-51F597456780}" = lport=138 | protocol=17 | dir=in | app=system | "{14A6CC35-2A11-4471-9FB8-F928695FB435}" = lport=445 | protocol=6 | dir=in | app=system | "{1510088E-E5D4-4DEE-BF96-F3151095C594}" = lport=10244 | protocol=6 | dir=in | app=system | "{166307C1-F021-4D3A-BB35-894FE7C03B7A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | "{2912A1CE-8637-4D03-B5A3-E8DBF022C88C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{32E43D2E-2F37-47DD-A40C-EDC47BE46FD3}" = rport=139 | protocol=6 | dir=out | app=system | "{363DBF5A-1F9B-42B5-8F3F-2F75AFFAB9EF}" = rport=138 | protocol=17 | dir=out | app=system | "{402730D8-8F89-4B9F-862D-FE7EF3352FC7}" = rport=137 | protocol=17 | dir=out | app=system | "{5E4108AD-2B35-4016-8A3C-A7A91EA40EB5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | "{7795BE0D-0B93-4249-A63B-C0D037D0CE10}" = lport=3390 | protocol=6 | dir=in | app=system | "{7C0041C4-36DA-4A8E-B464-9ACBE58330E5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe | "{86FC560D-C94C-4C46-9120-65006C0DDEC9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) | "{8FA9BFF8-F73B-448E-BFB7-70637976C616}" = lport=137 | protocol=17 | dir=in | app=system | "{BA746F3E-92B7-4E7B-AE39-96350894D12E}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe | "{C7470233-52F1-4EDF-B829-5A522AC4B51D}" = lport=139 | protocol=6 | dir=in | app=system | "{C7DFD438-A7D4-4429-93B6-9A3CF2452B1C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | "{CB78FC72-DAB4-4EAF-B4CE-2D87C268F017}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe | "{E1B413F7-A217-410D-BF15-AB36A7587E57}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe | "{EB5F634D-8626-42EE-A226-89A74B3BA651}" = rport=10244 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{037B94C3-1097-43AB-94C9-5A7C68AD5489}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | "{046866F7-EB81-473E-9F94-2ACEE8F3E28F}" = dir=in | app=c:\program files (x86)\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe | "{061C5781-609C-47BA-8F89-A9F29A85F9F8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | "{12BB0C0B-3F2E-4305-9534-27C1A19155CC}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\acer homemedia connect.exe | "{176AC69F-2851-4607-BAB3-8D6205EFF5FF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | "{1A90DCA4-E0C6-44B0-9577-DBA129117EDD}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) | "{1D071656-8197-4B11-85A6-C96685C7FC52}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe | "{1D89DF92-108C-4D58-B0B5-91E55AD1FF56}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{224DE520-4CE2-45D0-8900-830E5D3892DD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | "{2CD50C91-DAE9-4733-A55C-38FC54F30D13}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe | "{2E31E59E-7492-4FB4-A643-5A37AC232D9E}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia\acer homemedia.exe | "{32B6836D-83F6-4F52-9DAC-EC30C06886EE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{3B6E420A-3150-431F-9008-52A04ADE1EEA}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) | "{3C826717-EC66-49E3-B62B-27AC09B39821}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe | "{3D1D76BF-C298-4C76-9292-DA9BAD840894}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | "{4C10FF7B-902E-4EF4-B1FB-F1FA11260F1A}" = protocol=17 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe | "{5051D42C-46F1-4406-94A5-DCDDC7C8BAF2}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{5A997954-E892-44E1-BDBB-B0499FDE8B54}" = dir=in | app=c:\program files (x86)\acer arcade live\acer videomagician\acer videomagician.exe | "{62EC3080-C386-40BA-99B2-59FA127A6EA0}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe | "{690AD3FE-B87D-4FD9-85B8-C46F6B3B893F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | "{6FC8A0E8-0461-4943-9560-86F962ED6B1A}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{7084DD52-6FFB-4207-9F78-CC502212AE41}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) | "{73550BAC-ED5B-494A-B4FF-15C7FE34E990}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\zoo tycoon 2\zt.exe | "{73B4B1F9-C477-479A-ABF2-023A34DF2D1D}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe | "{7423D6EC-248E-4D7D-94FC-D5355245A200}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | "{75BB26FA-74BB-419D-809D-1E379E3DD338}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{895020A2-5892-4A96-9706-A3159073EAA2}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe | "{895DBF8D-E5E5-4188-9D6A-AA554C74A15E}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe | "{9442E0F2-0665-4104-8220-8CBEC5BB2BEE}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) | "{9938AEB8-1700-4BC6-B846-BE129F0D20E2}" = dir=in | app=c:\program files (x86)\acer arcade live\acer arcade live main page\acer arcade live.exe | "{9B16FC6D-5C24-4A18-A45D-CFA8C7709C29}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | "{A1285E6F-054A-48C5-94B3-0B68629C4BE6}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe | "{A428E3EA-4008-405C-A312-8FB03A4D49AD}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{A6CDCC87-9564-4141-A4FA-B463ABCC8EA0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{ACDFCA87-F17C-4942-A1A9-494AE532F8A1}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{B1A2B451-2832-4AB1-844A-484F8849C191}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "{B54E1C69-6455-4A91-811D-29E81523F544}" = protocol=6 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe | "{B8AEE524-BA7E-4B1D-BB39-C1B0B11123FD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{BEC72D2F-603D-44A8-99D5-C1E53269742A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\zoo tycoon 2\zt.exe | "{C45534A1-625A-432E-8B33-C98AA6D40024}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | "{C535F8F8-3DE0-46D8-B363-6246B81037E9}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dvdivine\acer dvdivine.exe | "{C68F1739-05F8-4E61-B30C-93290DA82BC7}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dv magician\acer dv magician.exe | "{C9902335-B079-42B5-9B7F-316BA51D8F5E}" = protocol=17 | dir=in | app=c:\program files (x86)\windows media player\wmplayer.exe | "{CC113411-B5D8-4B19-B6EE-48A47D2EECF1}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe | "{DC3EA044-B1C6-442F-A932-3F79CA792142}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe | "{DCED237E-8A39-4673-9F68-D9616DF0C430}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe | "{E16AB940-EF0C-4978-976A-DC76D5FA9B16}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | "{E269304E-D417-4225-A499-2ADC8FF2B048}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | "{F77E39A8-5E7B-4B8D-940F-CCDDBBD87624}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | "TCP Query User{211CAD67-6715-4620-A48C-53C69182DC24}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "TCP Query User{3DFFD96D-26B4-4F1E-A249-6C8DBEA48F06}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe | "TCP Query User{432E900B-895A-4861-8D77-E69CF4D100CE}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{51C48B9D-3CD9-4D93-B6F6-A94D1A5F6BB1}C:\program files (x86)\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "TCP Query User{5E3A7A3B-A64B-4C94-BF4F-C6E5BFBF59AD}C:\programdata\10a8c90\ms10a8_302.exe" = protocol=6 | dir=in | app=c:\programdata\10a8c90\ms10a8_302.exe | "TCP Query User{99A2ECC9-31FF-4075-A239-D7E24D78EB22}C:\program files (x86)\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ares\ares.exe | "UDP Query User{2B595C7C-C785-4389-9AB2-B108425015D5}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{335F490D-E6D3-40DE-8F6B-B730D150440A}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe | "UDP Query User{7C170051-729F-4600-BB15-A48F3F69A223}C:\program files (x86)\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "UDP Query User{A32E2216-B74F-4C48-BE93-B96C7430BFD9}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "UDP Query User{C64783DB-3D99-4F10-8BC2-29C96C9A4F05}C:\program files (x86)\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ares\ares.exe | "UDP Query User{EF7EAEE4-F0D6-4EBD-87BB-967E99CA89FF}C:\programdata\10a8c90\ms10a8_302.exe" = protocol=17 | dir=in | app=c:\programdata\10a8c90\ms10a8_302.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series" = Canon MG5200 series MP Drivers "{393ADA10-CEC5-47E7-AE6D-A9591C125EEF}" = Microsoft LifeCam "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Agere Systems Soft Modem" = Agere Systems PCI-SV92EX Soft Modem "LSI Soft Modem" = LSI PCI-SV92EX Soft Modem "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1" = SiteRanker "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{40C4903E-EDFB-4CAE-A611-41FEBA585921}" = VTech Download Agent Library "{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{8175D48A-72BB-45C9-BEC8-1560178B60CD}" = Mahjongg Artifacts 2 "{822944D4-BC5D-44AE-9315-16C174D318B0}" = Photo Explosion "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101 "{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1 "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine "{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation "{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{C1C441C4-57FA-4950-BDBA-BABFBAA2AA39}" = ParetoLogic FileCure "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F429ED71-4A8B-457A-85E4-F6398CE73E58}" = AV Input Selection "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician "{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician "{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform "{FDC8065B-80DE-4466-B90B-2581F6D77DFF}" = Image Plugin "Acer Assist" = Acer Assist "Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1 "Acer Registration" = Acer Registration "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "ActiveScan 2.0" = Panda ActiveScan 2.0 "Aleks 3.15" = Aleks 3.15 "Ares" = Ares 2.1.1 "Artist Colony_is1" = Artist Colony "avast" = avast! Free Antivirus "BFGC" = Big Fish Games: Game Manager "BFG-Mahjong Escape Ancient China" = Mahjong Escape Ancient China "BFG-Mythic Mahjong" = Mythic Mahjong "Canon MG5200 series User Registration" = Canon MG5200 series User Registration "Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility "Canon_IJ_Network_UTILITY" = Canon IJ Network Tool "CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program "CanonMyPrinter" = Canon My Printer "CanonSolutionMenuEX" = Canon Solution Menu EX "conduitEngine" = Conduit Engine "CoreAAC" = CoreAAC "Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows "Do Not Track Plus Add-on_is1" = Do Not Track Plus Add-on 2.1.0.322 "Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "GamesBar" = GamesBar 2.0.1.55 "Gardenscapes™" = Gardenscapes™ "GOM Picker" = GOM PICKER "GOM Player" = GOM Player "GOM Video Converter" = GOM Video Converter "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2157961D-0507-44A8-BCF2-1EE2D439E8DF}" = Civilization III "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300 "McAfee Security Scan" = McAfee Security Scan Plus "MostFun.com Games - Mahjongg Artifacts 2" = MostFun.com Games - Mahjongg Artifacts 2 (remove only) "MP Navigator EX 4.0" = Canon MP Navigator EX 4.0 "MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad) "Network MagicUninstall" = Network Magic "PageRage Toolbar" = PageRage Toolbar "Paparazzi" = Paparazzi "Pure Hidden" = Pure Hidden "RegZooka" = RegZooka v2.0 "SearchElf_1.1 Toolbar" = SearchElf 1.1 Toolbar "VTechDownloadManager" = Learning Lodge Navigator "Winamp" = Winamp "WinLiveSuite_Wave3" = Windows Live Essentials "Yahoo! Search Defender" = Yahoo! Search Protection "Yahoo! Software Update" = Yahoo! Software Update [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "KalydoPlayer" = Kalydo Player 3.08.01 "UnityWebPlayer" = Unity Web Player "Winamp Detect" = Winamp Detector Plug-in [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 5/29/2011 6:12:13 PM | Computer Name = RENT1st-PC | Source = WinMgmt | ID = 10 Description = Error - 5/31/2011 11:06:26 AM | Computer Name = RENT1st-PC | Source = WinMgmt | ID = 10 Description = Error - 6/1/2011 1:04:27 AM | Computer Name = RENT1st-PC | Source = WinMgmt | ID = 10 Description = Error - 6/1/2011 1:05:11 AM | Computer Name = RENT1st-PC | Source = Windows Search Service | ID = 3013 Description = Error - 6/2/2011 5:33:11 PM | Computer Name = RENT1st-PC | Source = WinMgmt | ID = 10 Description = Error - 6/2/2011 6:01:46 PM | Computer Name = RENT1st-PC | Source = WinMgmt | ID = 10 Description = Error - 6/2/2011 6:03:58 PM | Computer Name = RENT1st-PC | Source = Application Hang | ID = 1002 Description = The program iexplore.exe version 8.0.6001.19048 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 244 Start Time: 01cc2170c7e713d2 Termination Time: 8 Error - 6/2/2011 6:09:23 PM | Computer Name = RENT1st-PC | Source = WinMgmt | ID = 10 Description = Error - 6/3/2011 4:55:13 PM | Computer Name = RENT1st-PC | Source = Application Error | ID = 1000 Description = Faulting application AcroRd32.exe, version 8.1.0.137, time stamp 0x46444e37, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000, process id 0x384, application start time 0x01cc22307d5f2445. Error - 6/4/2011 3:37:10 PM | Computer Name = RENT1st-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 10/7/2009 5:34:26 PM | Computer Name = RENT1st-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. Error - 10/7/2009 6:58:23 PM | Computer Name = RENT1st-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. Error - 12/23/2009 2:32:03 PM | Computer Name = RENT1st-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. [ System Events ] Error - 3/26/2008 2:42:23 AM | Computer Name = RENT1st-PC | Source = Service Control Manager | ID = 7026 Description = Error - 3/26/2008 2:43:35 AM | Computer Name = RENT1st-PC | Source = Service Control Manager | ID = 7009 Description = Error - 3/26/2008 2:43:35 AM | Computer Name = RENT1st-PC | Source = Service Control Manager | ID = 7000 Description = Error - 3/26/2008 2:43:55 AM | Computer Name = RENT1st-PC | Source = DCOM | ID = 10005 Description = Error - 3/26/2008 2:43:55 AM | Computer Name = RENT1st-PC | Source = Service Control Manager | ID = 7009 Description = Error - 3/26/2008 2:43:55 AM | Computer Name = RENT1st-PC | Source = Service Control Manager | ID = 7000 Description = Error - 3/29/2008 3:06:00 AM | Computer Name = RENT1st-PC | Source = Dhcp | ID = 1002 Description = The IP address lease 192.168.1.104 for the Network Card with network address 001D72B855D5 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). Error - 3/31/2008 4:35:37 AM | Computer Name = RENT1st-PC | Source = Service Control Manager | ID = 7026 Description = Error - 3/31/2008 4:49:29 AM | Computer Name = RENT1st-PC | Source = W32Time | ID = 39452706 Description = The time service has detected that the system time needs to be changed by +136989469 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.22:123) is working properly. Error - 4/1/2008 1:16:20 PM | Computer Name = RENT1st-PC | Source = Dhcp | ID = 1002 Description = The IP address lease 192.168.1.100 for the Network Card with network address 001D72B855D5 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). < End of report >