Hi compcav,
Please find below everything u instructed me to do :
1) aswMBR.txt
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-23 12:13:14
-----------------------------
12:13:14.649 OS Version: Windows 6.0.6002 Service Pack 2
12:13:14.649 Number of processors: 2 586 0xF0D
12:13:14.659 ComputerName: ALLEN-PC UserName: Allen
12:14:07.909 Initialize success
12:14:08.269 VM: initialized successfully
12:14:08.299 VM: Intel CPU virtualization not supported
12:16:09.183 AVAST engine defs: 14092300
12:16:17.264 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
12:16:17.264 Disk 0 Vendor: Hitachi_HTS542525K9SA00 BBFOC31P Size: 238475MB BusType: 3
12:16:17.483 Disk 0 MBR read successfully
12:16:17.483 Disk 0 MBR scan
12:16:17.498 Disk 0 Windows VISTA default MBR code
12:16:17.514 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238473 MB offset 2048
12:16:17.529 Disk 0 scanning sectors +488394752
12:16:17.607 Disk 0 scanning C:\Windows\system32\drivers
12:16:44.399 Service scanning
12:16:58.873 Service cm_km_w C:\Windows\system32\DRIVERS\cm_km_w.sys **LOCKED** 5
12:17:08.502 Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
12:17:08.572 Service kldisk C:\Windows\system32\DRIVERS\kldisk.sys **LOCKED** 5
12:17:08.748 Service klflt C:\Windows\system32\DRIVERS\klflt.sys **LOCKED** 5
12:17:08.841 Service klhk C:\Windows\system32\DRIVERS\klhk.sys **LOCKED** 5
12:17:09.100 Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
12:17:09.130 Service klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys **LOCKED** 5
12:17:09.170 Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
12:17:09.210 Service klpd C:\Windows\system32\DRIVERS\klpd.sys **LOCKED** 5
12:17:09.250 Service kltdf C:\Windows\system32\DRIVERS\kltdf.sys **LOCKED** 5
12:17:09.400 Service kltdi C:\Windows\system32\DRIVERS\kltdi.sys **LOCKED** 5
12:17:09.460 Service kneps C:\Windows\system32\DRIVERS\kneps.sys **LOCKED** 5
12:17:38.390 Modules scanning
12:18:38.729 Disk 0 trace - called modules:
12:18:38.745 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
12:18:38.745 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8cc4d620]
12:18:38.760 3 CLASSPNP.SYS[91ba48b3] -> nt!IofCallDriver -> [0x8c5c2870]
12:18:38.760 5 acpi.sys[9153c6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x8c58db98]
12:18:39.727 AVAST engine scan C:\Windows
12:18:54.915 AVAST engine scan C:\Windows\system32
12:25:29.168 AVAST engine scan C:\Windows\system32\drivers
12:25:50.976 AVAST engine scan C:\Users\Allen
12:34:35.224 AVAST engine scan C:\ProgramData
12:40:07.393 Scan finished successfully
12:41:30.351 Disk 0 MBR has been saved successfully to "C:\Users\Allen\Desktop\MBR.dat"
12:41:30.361 The log file has been saved successfully to "C:\Users\Allen\Desktop\aswMBR.txt"
It also created an MBR.dat file which is on my desktop
2) OTL.txt
OTL logfile created on: 23/09/2014 1:01:12 PM - Run 10
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Allen\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.99 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 48.59% Memory free
6.91 Gb Paging File | 4.73 Gb Available in Paging File | 68.43% Paging File free
Paging file location(s): c:\pagefile.sys 4096 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 154.10 Gb Free Space | 66.17% Space Free | Partition Type: NTFS
Computer Name: ALLEN-PC | User Name: Allen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/09/23 12:44:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Allen\Desktop\OTL.exe
PRC - [2014/09/09 22:08:09 | 000,854,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_152_ActiveX.exe
PRC - [2014/09/04 09:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/30 17:48:46 | 000,234,520 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
PRC - [2014/08/30 17:47:54 | 000,193,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
PRC - [2013/09/06 14:30:16 | 000,273,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
PRC - [2013/08/27 18:57:34 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/03/22 09:11:44 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Allen\AppData\Local\temp\RtkBtMnt.exe
PRC - [2009/04/11 03:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/17 22:39:33 | 000,171,448 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
PRC - [2008/05/02 01:15:46 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2008/03/24 22:37:18 | 000,462,848 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008/01/20 23:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/11 21:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2008/01/09 22:43:28 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2008/01/07 21:25:14 | 004,853,760 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/07 20:51:46 | 000,858,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/01/03 05:55:52 | 000,506,416 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/01/03 05:55:48 | 000,521,776 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2007/12/20 15:33:14 | 000,761,856 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNMTray.exe
PRC - [2007/12/20 15:32:04 | 000,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/12/19 22:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/11/27 22:54:36 | 000,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2007/10/03 19:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/10/03 19:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/10/01 20:42:36 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007/09/20 17:57:28 | 000,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2007/09/07 16:35:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007/08/06 17:41:06 | 000,069,632 | ---- | M] (Software 2000 Limited) -- C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2007/05/09 00:48:26 | 000,053,248 | ---- | M] (Bison Inc.) -- C:\Windows\BR040286.exe
========== Modules (No Company Name) ==========
MOD - [2014/09/11 12:10:39 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\ecc6ea26e775933a1f05e79624ce82b5\System.Management.ni.dll
MOD - [2014/09/11 12:10:21 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7bd37ef6a36439ab4550386011d223fc\System.ServiceProcess.ni.dll
MOD - [2014/09/11 12:10:12 | 011,908,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\e6b56aac0bf215d7796aefcd9abda0bd\System.Web.ni.dll
MOD - [2014/09/11 12:10:00 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\00ae7fa4e4351893a11a36a6712965af\System.Runtime.Remoting.ni.dll
MOD - [2014/09/11 12:09:49 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\a701c4affbf06da91d3c666feed05c0e\System.Configuration.ni.dll
MOD - [2014/09/11 12:08:16 | 005,465,088 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\846057ebe7a3cb80edc3f73d35b4830a\System.Xml.ni.dll
MOD - [2014/09/11 12:07:54 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\33cd8a4969b01252189a6c1ca39ccb45\System.Windows.Forms.ni.dll
MOD - [2014/09/11 12:07:41 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e279c8265d76b7ca403c7ef9185ec04\System.Drawing.ni.dll
MOD - [2014/09/11 12:06:06 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\0ab7bdcd7b8bdf70f983be2c324ea3b8\System.ni.dll
MOD - [2014/09/11 12:05:57 | 011,496,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3444fbefcbd532181c499150ace644a4\mscorlib.ni.dll
MOD - [2008/05/02 01:15:46 | 000,015,872 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
MOD - [2008/05/02 01:15:35 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2008/01/09 22:43:12 | 000,057,344 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
MOD - [2008/01/09 22:42:54 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
MOD - [2008/01/03 06:00:48 | 000,227,888 | ---- | M] () -- C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2007/12/20 17:58:00 | 000,679,936 | ---- | M] () -- C:\Acer\Empowering Technology\eLock\eLockCTL.dll
MOD - [2007/12/20 15:33:26 | 000,249,856 | ---- | M] () -- C:\Acer\Empowering Technology\eNet\eNetPlugin.dll
MOD - [2007/12/19 22:09:38 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
MOD - [2007/12/19 22:08:54 | 000,155,648 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
MOD - [2007/12/19 22:08:28 | 003,420,160 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
MOD - [2007/12/19 22:08:10 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
MOD - [2007/09/20 18:01:12 | 000,208,896 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2007/09/11 13:59:04 | 000,307,200 | ---- | M] () -- C:\Acer\Empowering Technology\ePresentation\ePresentationCTL.dll
MOD - [2003/06/07 18:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll
========== Services (SafeList) ==========
SRV - [2014/09/09 22:08:12 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/04 09:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/30 17:48:46 | 000,234,520 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe -- (AVP15.0.1)
SRV - [2013/09/06 14:29:38 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/08/27 18:57:34 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2008/01/20 23:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/11 21:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2008/01/03 05:55:52 | 000,506,416 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/12/20 15:32:04 | 000,131,072 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/12/19 22:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/11/27 22:54:36 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007/10/03 19:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/10/01 20:42:36 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007/09/20 17:57:28 | 000,167,936 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Allen\AppData\Local\Temp\aswVmm.sys -- (aswVmm)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Allen\AppData\Local\Temp\aswMBR.sys -- (aswMBR)
DRV - [2014/08/21 15:39:16 | 000,060,552 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdf.sys -- (kltdf)
DRV - [2014/08/20 18:04:48 | 000,673,800 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2014/08/18 14:43:14 | 000,119,816 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klflt.sys -- (klflt)
DRV - [2014/08/12 18:32:56 | 000,036,536 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klhk.sys -- (klhk)
DRV - [2014/07/31 22:31:52 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\5C245274.sys -- (MBAMSwissArmy)
DRV - [2014/07/09 16:23:54 | 000,146,240 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
DRV - [2014/07/02 16:10:34 | 000,036,928 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\kldisk.sys -- (kldisk)
DRV - [2014/06/05 19:02:10 | 000,044,992 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
DRV - [2014/03/31 11:47:08 | 000,143,968 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2014/03/28 17:51:02 | 000,024,672 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2014/02/25 13:09:02 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2013/08/08 17:10:58 | 000,025,696 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2013/04/12 15:34:48 | 000,014,432 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klpd.sys -- (klpd)
DRV - [2013/01/14 21:10:56 | 000,189,136 | ---- | M] (Kaspersky Lab UK Ltd) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\cm_km_w.sys -- (cm_km_w)
DRV - [2009/09/05 18:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/01/20 23:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/11/30 19:51:34 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2007/10/29 18:46:42 | 000,829,096 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607)
DRV - [2007/05/02 08:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/28 21:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.ca.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\..\SearchScopes\{44B67AE4-AAB5-4F8C-BE74-8B97E51F920A}: "URL" = http://search.condui...&ctid=CT3196716
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://ca.search.yah...ms}&fr=chr-acer
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\..\SearchScopes\{E6F8E096-4836-47C0-8883-6A99317FB847}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014/09/20 20:38:33 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014/09/20 20:38:40 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014/09/20 20:38:51 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Allen\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Allen\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Allen\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Allen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Allen\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014/09/20 20:38:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014/09/20 20:38:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\[email protected] [2014/09/20 20:38:40 | 000,000,000 | ---D | M]
[2013/03/20 21:33:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allen\AppData\Roaming\Mozilla\Extensions
[2013/03/20 21:33:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allen\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/02/04 07:43:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Allen\AppData\Roaming\Mozilla\Extensions\[email protected]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - Extension: No name found = C:\Users\Allen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
O1 HOSTS File: ([2012/03/22 09:06:24 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Content Blocker Plugin) - {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Virtual Keyboard Plugin) - {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {E3D96E85-529D-4269-AC6A-97CF9E2221E3} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [BisonInst0402] C:\Windows\BR040286.exe (Bison Inc.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-534116950-1332898044-2559044525-1003..\Run: [CrossRiderPlugin] C:\Program Files\CrossriderWebApps\Crossrider.exe File not found
O4 - HKU\S-1-5-21-534116950-1332898044-2559044525-1003..\Run: [Facebook Update] C:\Users\Allen\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-534116950-1332898044-2559044525-1003..\Run: [Logitech Vid HD] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode File not found
O4 - HKU\S-1-5-21-534116950-1332898044-2559044525-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-534116950-1332898044-2559044525-1003..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-534116950-1332898044-2559044525-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Virtual Keyboard - {09A10376-994C-4BBF-9121-F50CF7BA237E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.222.0.94 24.222.0.95
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39C7CE13-FD2A-4C69-A839-A7F82396DA33}: DhcpNameServer = 24.222.0.94 24.222.0.95
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFF6B887-1F9F-42C1-9C3E-0E7E44A7B879}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Autumn Leaves.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Autumn Leaves.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 18:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{93dac35c-84f4-11dd-abc0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{93dac35c-84f4-11dd-abc0-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/09/23 12:44:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Allen\Desktop\OTL.exe
[2014/09/22 11:44:07 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Local\{66A48ED0-3C54-410E-9D4F-C186BFD05173}
[2014/09/22 11:41:27 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2014/09/21 16:07:16 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Local\{C57EAA10-BC62-49B7-BACD-5F6146EFC4D4}
[2014/09/20 20:54:35 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Local\{AABD2B64-F3F0-41D2-B781-45B36B47F851}
[2014/09/20 20:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
[2014/09/20 20:35:14 | 000,673,800 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klif.sys
[2014/09/20 20:35:14 | 000,119,816 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klflt.sys
[2014/09/20 20:35:14 | 000,036,536 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\klhk.sys
[2014/09/20 19:55:06 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2014/09/18 22:52:01 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Local\{C6ED8AF9-26F0-45AF-81BF-BA1B08673CD0}
[2014/09/18 00:48:59 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Local\{8047777C-0BF4-40BE-9E52-82B4684798FC}
[2014/09/18 00:08:45 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Roaming\MyTurboPC.com
[2014/09/18 00:08:45 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Roaming\DriverCure
[2014/09/18 00:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\MyTurboPC.com
[2014/09/17 21:33:52 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Local\{8B8F0E82-55B0-4A30-A752-3D066E19EA1E}
[2014/09/16 20:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/09/16 20:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/09/16 19:58:42 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Local\{C183F274-BF3E-44F7-A270-02ACAB6BFF6F}
[2014/09/13 08:36:48 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Local\{C1855C2C-7537-45B1-A2FE-B30316852BF0}
[2014/09/11 12:21:03 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Local\{84FA9168-1E29-4A75-88C0-A60FE59BD46E}
[2014/09/11 11:48:44 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/09/11 11:48:42 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/09/11 11:48:42 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/09/11 11:48:41 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/09/11 11:48:41 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/09/11 11:48:40 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/09/11 11:48:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/09/11 11:48:39 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/09/11 11:48:38 | 001,810,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/09/11 11:48:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/09/11 11:48:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/09/11 11:48:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/09/05 02:52:13 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Local\{40EA7764-4DBB-4A2E-A6E1-43BB40996E35}
[2014/08/28 22:01:03 | 000,000,000 | ---D | C] -- C:\Users\Allen\AppData\Local\{6A3182DE-43A8-4F6A-9F11-A590B9212899}
[2014/08/28 21:43:59 | 002,054,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
========== Files - Modified Within 30 Days ==========
[2014/09/23 12:55:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/23 12:44:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Allen\Desktop\OTL.exe
[2014/09/23 12:42:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA.job
[2014/09/23 12:41:30 | 000,000,512 | ---- | M] () -- C:\Users\Allen\Desktop\MBR.dat
[2014/09/23 12:38:05 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/23 12:38:05 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/23 10:44:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003UA.job
[2014/09/23 08:52:23 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core.job
[2014/09/23 08:38:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/22 18:33:08 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-534116950-1332898044-2559044525-1003Core.job
[2014/09/22 12:16:13 | 000,002,377 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/09/21 15:53:24 | 406,334,087 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/09/21 15:13:14 | 005,478,716 | ---- | M] () -- C:\Users\Allen\Desktop\Landslide (guitar track from rough version).mp3
[2014/09/21 15:12:46 | 005,478,716 | ---- | M] () -- C:\Users\Allen\Desktop\Landslide (Allen Rob rough version final edit).mp3
[2014/09/21 12:51:23 | 000,098,567 | ---- | M] () -- C:\Users\Allen\Desktop\mel2.jpg
[2014/09/20 20:42:18 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
[2014/09/20 13:06:19 | 000,071,920 | ---- | M] () -- C:\Users\Allen\Desktop\melanie.jpg
[2014/09/16 10:04:33 | 000,005,922 | -HS- | M] () -- C:\Users\Allen\Desktop\Folder.jpg
[2014/09/16 10:04:33 | 000,001,943 | -HS- | M] () -- C:\Users\Allen\Desktop\AlbumArtSmall.jpg
[2014/09/15 18:10:42 | 005,606,104 | ---- | M] () -- C:\Users\Allen\Desktop\Landslide - Bush X.mp3
[2014/09/15 09:06:04 | 000,231,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2014/09/11 12:09:31 | 000,718,324 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/09/11 12:09:31 | 000,152,494 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/09/09 22:08:09 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/09/09 22:08:09 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/09/03 19:42:15 | 000,046,238 | ---- | M] () -- C:\Users\Allen\Desktop\seema3.jpg
[2014/09/03 19:41:40 | 000,073,078 | ---- | M] () -- C:\Users\Allen\Desktop\seema2.jpg
[2014/09/03 19:41:06 | 000,071,060 | ---- | M] () -- C:\Users\Allen\Desktop\seema1.jpg
[2014/08/28 21:54:09 | 000,391,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/08/27 00:09:18 | 000,376,350 | ---- | M] () -- C:\Users\Allen\Desktop\10317682_10154205844215641_7300979278718627901_o.jpg
========== Files Created - No Company Name ==========
[2014/09/23 12:41:30 | 000,000,512 | ---- | C] () -- C:\Users\Allen\Desktop\MBR.dat
[2014/09/21 15:53:24 | 406,334,087 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/09/21 15:13:14 | 005,478,716 | ---- | C] () -- C:\Users\Allen\Desktop\Landslide (guitar track from rough version).mp3
[2014/09/21 15:12:46 | 005,478,716 | ---- | C] () -- C:\Users\Allen\Desktop\Landslide (Allen Rob rough version final edit).mp3
[2014/09/21 12:51:23 | 000,098,567 | ---- | C] () -- C:\Users\Allen\Desktop\mel2.jpg
[2014/09/20 20:47:27 | 000,002,013 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
[2014/09/20 13:06:18 | 000,071,920 | ---- | C] () -- C:\Users\Allen\Desktop\melanie.jpg
[2014/09/16 10:04:33 | 000,005,922 | -HS- | C] () -- C:\Users\Allen\Desktop\Folder.jpg
[2014/09/16 10:04:33 | 000,001,943 | -HS- | C] () -- C:\Users\Allen\Desktop\AlbumArtSmall.jpg
[2014/09/15 18:10:42 | 005,606,104 | ---- | C] () -- C:\Users\Allen\Desktop\Landslide - Bush X.mp3
[2014/09/03 19:42:14 | 000,046,238 | ---- | C] () -- C:\Users\Allen\Desktop\seema3.jpg
[2014/09/03 19:41:39 | 000,073,078 | ---- | C] () -- C:\Users\Allen\Desktop\seema2.jpg
[2014/09/03 19:41:06 | 000,071,060 | ---- | C] () -- C:\Users\Allen\Desktop\seema1.jpg
[2014/08/27 00:09:17 | 000,376,350 | ---- | C] () -- C:\Users\Allen\Desktop\10317682_10154205844215641_7300979278718627901_o.jpg
[2014/04/10 19:11:11 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/05/26 22:24:08 | 001,136,459 | ---- | C] () -- C:\Users\Allen\12.wma
[2012/02/19 20:43:14 | 000,000,680 | ---- | C] () -- C:\Users\Allen\AppData\Local\d3d9caps.dat
[2011/04/10 15:23:30 | 000,000,052 | ---- | C] () -- C:\Users\Allen\AppData\Roaming\G1000Trainer_preferences.xml
[2011/04/10 15:23:29 | 000,006,733 | ---- | C] () -- C:\Users\Allen\AppData\Roaming\G1000Trainer_student_record.xml
[2010/07/21 02:59:37 | 000,058,368 | ---- | C] () -- C:\Users\Allen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/11 23:23:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/02/20 20:06:04 | 000,000,314 | ---- | C] () -- C:\Users\Allen\Public - Shortcut.lnk
[2008/11/13 02:28:23 | 000,024,206 | ---- | C] () -- C:\Users\Allen\AppData\Roaming\UserTile.png
[2008/10/08 04:32:48 | 000,000,301 | ---- | C] () -- C:\Users\Allen\Collision avoidance notes.rtf
========== ZeroAccess Check ==========
[2006/11/02 09:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 10:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\Windows\system32\wbem\fastprox.dll -- [2009/04/11 03:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\Windows\system32\wbem\wbemess.dll -- [2009/04/11 03:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2008/09/17 21:04:49 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Acer
[2013/03/21 18:05:05 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\BHOK IT Consulting
[2014/09/18 00:08:45 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\DriverCure
[2008/11/02 03:02:48 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\EPSON
[2008/09/17 21:04:47 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\Leadertech
[2014/09/18 00:08:45 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\MyTurboPC.com
[2008/10/15 03:25:34 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\OpenOffice.org
[2013/03/20 21:33:18 | 000,000,000 | ---D | M] -- C:\Users\Allen\AppData\Roaming\TomTom
========== Purity Check ==========
========== Custom Scans ==========
========== Base Services ==========
SRV - [2006/11/02 06:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2014/06/02 07:30:29 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/20 23:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2009/04/11 03:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009/04/11 03:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/16 11:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/04/11 03:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008/01/20 23:24:36 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2013/07/08 01:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/04/11 03:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/04/11 03:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/02 12:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/20 23:25:01 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/04/11 03:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/01/20 23:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/04/11 03:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/04/11 03:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/20 23:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/20 23:24:11 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/20 23:24:23 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/20 23:23:44 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/20 23:24:47 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009/04/11 03:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/17 11:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/16 11:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/04/11 03:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/01/20 23:24:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/04/11 03:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/04/11 03:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2008/01/20 23:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/16 11:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/04/11 03:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/09/06 13:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/10 08:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/04/11 03:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010/11/04 15:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2009/04/11 03:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/10 08:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009/04/11 03:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009/04/11 03:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009/04/11 03:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009/04/11 03:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/20 23:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/20 23:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/11 03:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009/04/11 03:28:20 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009/04/11 03:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009/04/11 03:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/04/11 03:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 19:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/04/11 03:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/11 16:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/10 08:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
< %SYSTEMDRIVE%\*.exe >
[2008/05/08 02:03:22 | 000,303,616 | ---- | M] ( ) -- C:\SetACL.exe
[2004/06/11 20:33:28 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\subinacl.exe
< MD5 for: EXPLORER.EXE >
[2008/10/29 03:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 03:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 00:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 03:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 03:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 03:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 23:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 23:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: RPCSS.DLL >
[2009/03/03 01:39:32 | 000,551,424 | ---- | M] (Microsoft Corporation) MD5=301AE00E12408650BADDC04DBC832830 -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
[2008/01/20 23:24:06 | 000,547,328 | ---- | M] (Microsoft Corporation) MD5=33FB1F0193EE2051067441492D56113C -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
[2009/04/11 03:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) MD5=3B5B4D53FEC14F7476CA29A20CC31AC9 -- C:\Windows\ERDNT\cache\rpcss.dll
[2009/04/11 03:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) MD5=3B5B4D53FEC14F7476CA29A20CC31AC9 -- C:\Windows\System32\rpcss.dll
[2009/04/11 03:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) MD5=3B5B4D53FEC14F7476CA29A20CC31AC9 -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
[2009/03/03 01:32:23 | 000,551,424 | ---- | M] (Microsoft Corporation) MD5=4DFCBDEF3CCAA98F99038DED78945253 -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
[2009/03/03 01:19:41 | 000,549,888 | ---- | M] (Microsoft Corporation) MD5=7B981222A257D076885BFFB66F19B7CE -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
[2009/03/03 01:17:45 | 000,550,400 | ---- | M] (Microsoft Corporation) MD5=B1BB45E24717A7F790B4411C4446EF5E -- C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
< MD5 for: RPCSS.DLL.MUI >
[2006/11/02 09:40:53 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=04D8C6105AB52D757513B027040177BF -- C:\Windows\System32\en-US\rpcss.dll.mui
[2006/11/02 09:40:53 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=04D8C6105AB52D757513B027040177BF -- C:\Windows\winsxs\x86_microsoft-windows-c..qfe-rpcss.resources_31bf3856ad364e35_6.0.6000.16386_en-us_4639dc66263619e5\rpcss.dll.mui
< MD5 for: SERVICES >
[2006/09/18 18:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 18:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services
< MD5 for: SERVICES.CFG >
[2014/09/04 09:50:22 | 000,559,515 | ---- | M] () MD5=704FFA2F886780380DB96EF03E5FC512 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
< MD5 for: SERVICES.EXE >
[2008/01/20 23:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 03:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\ERDNT\cache\services.exe
[2009/04/11 03:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 03:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 09:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 09:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
< MD5 for: SERVICES.ICO >
[2005/12/14 22:21:08 | 000,007,318 | ---- | M] () MD5=9443DA63ACDF55D7D153D6B22E40722E -- C:\Program Files\Yahoo!\Common\icons\services.ico
< MD5 for: SERVICES.LNK >
[2008/01/20 23:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 23:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2006/09/18 18:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 18:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 18:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof
< MD5 for: SERVICES.MSC >
[2006/11/02 09:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 18:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 09:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 18:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc
< MD5 for: SVCHOST.EXE >
[2008/01/20 23:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/20 23:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 23:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USERINIT.EXE >
[2008/01/20 23:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/20 23:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 23:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/04/11 03:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/04/11 03:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 03:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 23:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< dir C:\ /S /A:L /C >
Volume in drive C is ACER
Volume Serial Number is 240E-99D1
Directory of C:\
02/11/2006 10:02 AM <JUNCTION> Documents and Settings [..]
0 File(s) 0 bytes
Directory of C:\ProgramData
02/11/2006 10:02 AM <JUNCTION> Application Data [..]
02/11/2006 10:02 AM <JUNCTION> Desktop [..]
02/11/2006 10:02 AM <JUNCTION> Documents [..]
02/11/2006 10:02 AM <JUNCTION> Favorites [..]
02/11/2006 10:02 AM <JUNCTION> Start Menu [..]
02/11/2006 10:02 AM <JUNCTION> Templates [..]
0 File(s) 0 bytes
Directory of C:\Users
02/11/2006 10:02 AM <SYMLINKD> All Users [C:\ProgramData]
02/11/2006 10:02 AM <JUNCTION> Default User [..]
0 File(s) 0 bytes
Directory of C:\Users\All Users
02/11/2006 10:02 AM <JUNCTION> Application Data [..]
02/11/2006 10:02 AM <JUNCTION> Desktop [..]
02/11/2006 10:02 AM <JUNCTION> Documents [..]
02/11/2006 10:02 AM <JUNCTION> Favorites [..]
02/11/2006 10:02 AM <JUNCTION> Start Menu [..]
02/11/2006 10:02 AM <JUNCTION> Templates [..]
0 File(s) 0 bytes
Directory of C:\Users\Allen
17/09/2008 09:03 PM <JUNCTION> Application Data [C:\Users\Allen\AppData\Roaming]
17/09/2008 09:03 PM <JUNCTION> Cookies [C:\Users\Allen\AppData\Roaming\Microsoft\Windows\Cookies]
17/09/2008 09:03 PM <JUNCTION> Local Settings [C:\Users\Allen\AppData\Local]
17/09/2008 09:03 PM <JUNCTION> My Documents [C:\Users\Allen\Documents]
17/09/2008 09:03 PM <JUNCTION> NetHood [C:\Users\Allen\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
17/09/2008 09:03 PM <JUNCTION> PrintHood [C:\Users\Allen\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
17/09/2008 09:03 PM <JUNCTION> Recent [C:\Users\Allen\AppData\Roaming\Microsoft\Windows\Recent]
17/09/2008 09:03 PM <JUNCTION> SendTo [C:\Users\Allen\AppData\Roaming\Microsoft\Windows\SendTo]
17/09/2008 09:03 PM <JUNCTION> Start Menu [C:\Users\Allen\AppData\Roaming\Microsoft\Windows\Start Menu]
17/09/2008 09:03 PM <JUNCTION> Templates [C:\Users\Allen\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Allen\AppData\Local
17/09/2008 09:03 PM <JUNCTION> Application Data [C:\Users\Allen\AppData\Local]
17/09/2008 09:03 PM <JUNCTION> History [C:\Users\Allen\AppData\Local\Microsoft\Windows\History]
17/09/2008 09:03 PM <JUNCTION> Temporary Internet Files [C:\Users\Allen\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Allen\AppData\LocalLow
05/06/2012 11:04 PM <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\Allen\Documents
17/09/2008 09:03 PM <JUNCTION> My Music [C:\Users\Allen\Music]
17/09/2008 09:03 PM <JUNCTION> My Pictures [C:\Users\Allen\Pictures]
17/09/2008 09:03 PM <JUNCTION> My Videos [C:\Users\Allen\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default
02/11/2006 10:02 AM <JUNCTION> Application Data [..]
02/11/2006 10:02 AM <JUNCTION> Local Settings [..]
02/11/2006 10:02 AM <JUNCTION> My Documents [..]
02/11/2006 10:02 AM <JUNCTION> NetHood [..]
02/11/2006 10:02 AM <JUNCTION> PrintHood [..]
02/11/2006 10:02 AM <JUNCTION> Recent [..]
02/11/2006 10:02 AM <JUNCTION> SendTo [..]
02/11/2006 10:02 AM <JUNCTION> Start Menu [..]
02/11/2006 10:02 AM <JUNCTION> Templates [..]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
02/11/2006 10:02 AM <JUNCTION> Application Data [..]
02/11/2006 10:02 AM <JUNCTION> History [..]
02/11/2006 10:02 AM <JUNCTION> Temporary Internet Files [..]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
02/11/2006 10:02 AM <JUNCTION> My Music [..]
02/11/2006 10:02 AM <JUNCTION> My Pictures [..]
02/11/2006 10:02 AM <JUNCTION> My Videos [..]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
02/11/2006 10:02 AM <JUNCTION> My Music [C:\Users\Public\Music]
02/11/2006 10:02 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
02/11/2006 10:02 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
16/01/2009 06:59 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
25/04/2011 01:07 AM <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
16/01/2009 06:59 AM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
16/01/2009 06:59 AM <JUNCTION> My Documents [C:\Windows\system32\config\systemprofile\Documents]
16/01/2009 06:59 AM <JUNCTION> NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
16/01/2009 06:59 AM <JUNCTION> PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
16/01/2009 06:59 AM <JUNCTION> Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
16/01/2009 06:59 AM <JUNCTION> SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
16/01/2009 06:59 AM <JUNCTION> Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
16/01/2009 06:59 AM <JUNCTION> Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
16/01/2009 06:59 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
16/01/2009 06:59 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
16/01/2009 06:59 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\Documents
16/01/2009 06:59 AM <JUNCTION> My Music [C:\Windows\system32\config\systemprofile\Music]
16/01/2009 06:59 AM <JUNCTION> My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
16/01/2009 06:59 AM <JUNCTION> My Videos [C:\Windows\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
66 Dir(s) 165,381,890,048 bytes free
========== Files - Unicode (All) ==========
[2014/05/14 20:05:47 | 000,133,640 | ---- | M] ()(C:\Windows\System32\?) -- C:\Windows\System32\
[2014/05/14 20:05:47 | 000,133,640 | ---- | C] ()(C:\Windows\System32\?) -- C:\Windows\System32\
[2014/04/09 13:56:14 | 007,307,264 | ---- | M] ()(C:\Windows\System32\????????????????????????????????) -- C:\Windows\System32\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
[2014/04/06 18:06:26 | 007,307,264 | ---- | C] ()(C:\Windows\System32\????????????????????????????????) -- C:\Windows\System32\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
< End of report >
OTL.extra :
OTL Extras logfile created on: 23/09/2014 1:01:12 PM - Run 10
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Allen\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.99 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 48.59% Memory free
6.91 Gb Paging File | 4.73 Gb Available in Paging File | 68.43% Paging File free
Paging file location(s): c:\pagefile.sys 4096 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 154.10 Gb Free Space | 66.17% Space Free | Partition Type: NTFS
Computer Name: ALLEN-PC | User Name: Allen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F03BE9-702D-47E7-8389-38DFD20C154E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0E27E1CE-38EB-4CFE-85A0-630709EECF46}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{1CD9FD8C-D3CF-4944-9398-FA6853649A8A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{396CE697-5AD3-422F-8E81-719CE1A61410}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{46CB0586-B703-4462-B535-ED32313470A8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C76D121-C306-41BD-A695-84DCCFF0828A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{55EC959B-16C6-4FC7-936C-7AE311B6DD58}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6CAF2A1E-AAB4-449E-8F3B-D964C1250063}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{76CF4495-535F-4E95-8C6B-879A88323B8E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7EAD6615-E48A-4932-A565-9D5BA1CD660D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8F04E194-ED65-4FA1-9EDC-E55A40D944F4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BD673127-28AE-4D20-A67C-D13822D08483}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D8CBD705-F234-4D00-B5D0-71E4557D7766}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{390E7292-8F7E-443E-8784-B7F50965A7B1}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1006mc.exe |
"{3947B629-6FBA-4962-8A79-545551BA0E0E}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{47620D60-F3FA-4BF0-A495-1D203C176DA8}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{48617D48-7F68-434D-8342-547FE235771E}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{58DCA8E1-C0CF-45B1-9030-C7D2468851DF}" = dir=in | app=c:\users\allen\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{642AC82C-7074-4757-9E5B-0381983DA5D0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6BDC7595-0823-450D-B246-90610F59F8B5}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{74D7467A-EEFF-44B9-A907-702E9A129F00}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{7D48202A-539A-4356-A2FE-88E5F9372552}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{A43D41CC-946D-4BF5-9DEE-9B49A12FF698}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{A619DE9B-E9A6-4B30-BFF3-E5BC3B852692}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A8123CDB-6339-4EDC-B3BE-4B0AB039EA18}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1006mc.exe |
"{C9E71106-7B3B-4CFD-8DA6-D011E8B77B56}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{C9EF5EDA-50C2-4BE3-97E4-588F170D901D}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{E01BE071-B00A-491D-BB6A-556CA52ABD35}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{EF7CD1E1-272B-4F16-BBBD-B26D7FE38820}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2DDA02E-CD32-4E79-9071-6112EE455060}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{FB6B0841-AEE2-4FC5-AF28-34DA925E84AC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{5C24DAE7-542C-4D56-B1A4-78BB24E21C26}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{ABA9C176-A253-44C7-8ED1-33F62868C50B}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{C17E2344-6137-465B-AAD7-44082193412C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{F10592A5-F603-4E2C-820C-146E3AF4244A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{1D334044-58D8-40A6-8171-FA7A85505F92}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{725C063C-259C-4DC9-B60C-A56B6230D1FF}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{AA4C98B2-CBED-4F05-BD2A-9B1555A857B1}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{BE179C4E-9D59-4E72-AC3B-3B90A91F09D7}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02C85EC5-E864-4847-AF55-42730861004C}" = MrvlUsgTracking
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.20
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Acer Crystal Eye
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}" = Kaspersky Internet Security
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{99072AB4-D795-44D5-9D65-E3C9F8322C97}" = TomTom HOME
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.12)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer Crystal Eye Webcam
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom Gigabit Integrated Controller
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"EPSON NX100 Series" = EPSON NX100 Series Printer Uninstall
"GridVista" = Acer GridVista
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}" = Kaspersky Internet Security
"LManager" = Launch Manager
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"PROHYBRIDR" = 2007 Microsoft Office system
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 0.9.2
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Customizations" = Yahoo! Extras
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"YInstHelper" = Yahoo! Install Manager
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-534116950-1332898044-2559044525-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22/09/2014 10:45:56 AM | Computer Name = Allen-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 22/09/2014 10:45:56 AM | Computer Name = Allen-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 22/09/2014 10:45:56 AM | Computer Name = Allen-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 22/09/2014 10:45:56 AM | Computer Name = Allen-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 22/09/2014 10:45:57 AM | Computer Name = Allen-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 22/09/2014 10:45:57 AM | Computer Name = Allen-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 22/09/2014 10:45:57 AM | Computer Name = Allen-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 22/09/2014 10:45:57 AM | Computer Name = Allen-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 22/09/2014 5:23:20 PM | Computer Name = Allen-PC | Source = Google Update | ID = 20
Description =
Error - 23/09/2014 7:38:25 AM | Computer Name = Allen-PC | Source = Google Update | ID = 20
Description =
[ Media Center Events ]
Error - 28/10/2008 3:37:29 PM | Computer Name = Allen-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 06/11/2008 12:54:27 AM | Computer Name = Allen-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 12/01/2009 2:48:58 PM | Computer Name = Allen-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 13/02/2009 4:20:53 PM | Computer Name = Allen-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 01/04/2009 12:40:50 PM | Computer Name = Allen-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 29/04/2009 10:19:53 PM | Computer Name = Allen-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 07/05/2009 1:28:56 PM | Computer Name = Allen-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 20/09/2014 7:51:37 PM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 20/09/2014 7:54:33 PM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 21/09/2014 12:05:42 AM | Computer Name = Allen-PC | Source = DCOM | ID = 10010
Description =
Error - 21/09/2014 11:26:35 AM | Computer Name = Allen-PC | Source = DCOM | ID = 10016
Description =
Error - 21/09/2014 11:26:37 AM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21/09/2014 2:53:48 PM | Computer Name = Allen-PC | Source = DCOM | ID = 10016
Description =
Error - 21/09/2014 2:53:49 PM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22/09/2014 10:40:46 AM | Computer Name = Allen-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:26:50 AM on 22/09/2014 was unexpected.
Error - 22/09/2014 10:40:54 AM | Computer Name = Allen-PC | Source = DCOM | ID = 10016
Description =
Error - 22/09/2014 10:40:56 AM | Computer Name = Allen-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >