Computer Hope
Microsoft => Microsoft Windows => Windows Vista and 7 => Topic started by: kelseyman on November 11, 2010, 11:38:18 PM
-
ok i'll copy and paste the errors how i saw it described in a previous post. theres 7 errors altogether
Version=1
EventType=BlueScreen
EventTime=129335740779031462
ReportType=4
Consent=1
UploadTime=129335740826143462
Response.type=4
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.0.6002.2.2.0.768.3
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=2057
UI[2]=C:\Windows\system32\wer.dll
UI[3]=Windows has recovered from an unexpected shutdown
UI[4]=Windows can check online for a solution to the problem.
UI[5]=&Check for solution
UI[6]=&Check later
UI[7]=Cancel
UI[8]=Windows has recovered from an unexpected shutdown
UI[9]=A problem caused Windows to stop working correctly. Windows will notify you if a solution is available.
UI[10]=Close
Sec[0].Key=BCCode
Sec[0].Value=50
Sec[1].Key=BCP1
Sec[1].Value=B3B3B3B3
Sec[2].Key=BCP2
Sec[2].Value=00000000
Sec[3].Key=BCP3
Sec[3].Value=8C0FFC04
Sec[4].Key=BCP4
Sec[4].Value=00000000
Sec[5].Key=OS Version
Sec[5].Value=6_0_6002
Sec[6].Key=Service Pack
Sec[6].Value=2_0
Sec[7].Key=Product
Sec[7].Value=768_1
State[0].Key=Transport.DoneStage1
State[0].Value=1
State[1].Key=CA
State[1].Value=1
State[2].Key=BLOB
State[2].Value=CHKSUM=1561B60BF6C0EBC945EF4AEA93C03D7C;BID=OCATAG;ID=131740cf-c2a4-489e-8e51-135c355e7509;SUB=11//6//2010 8:27:16 PM
File[0].CabName=Mini110710-01.dmp
File[0].Path=Mini110710-01.dmp
File[0].Flags=851970
File[0].Type=2
File[1].CabName=sysdata.xml
File[1].Path=WER-61011-0.sysdata.xml
File[1].Flags=851970
File[1].Type=5
File[2].CabName=Version.txt
File[2].Path=WER4EEA.tmp.version.txt
File[2].Flags=851971
File[2].Type=5
File[3].CabName=Report.cab
File[3].Path=Report.cab
File[3].Flags=196608
File[3].Type=7
FriendlyEventName=Shut down unexpectedly
ConsentKey=BlueScreen
AppName=Windows
AppPath=C:\Windows\System32\WerFault.exe
Version=1
EventType=BlueScreen
EventTime=129335740930507462
ReportType=4
Consent=1
UploadTime=129335740930663462
Response.Str=http:////wer.microsoft.com//responses//resredir.aspx?sid=13692&Bucket=0xC5_2_nt!ExAllocatePoolWithTag+4ca&ID=780f1dd5-7993-46b1-bd14-e68c037f29c5
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.0.6002.2.2.0.768.3
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=2057
UI[2]=C:\Windows\system32\wer.dll
UI[3]=Windows has recovered from an unexpected shutdown
UI[5]=&Check for solution
UI[6]=&Check later
UI[7]=Cancel
UI[8]=Windows has recovered from an unexpected shutdown
UI[9]=A problem caused Windows to stop working correctly. Windows will notify you if a solution is available.
UI[10]=Close
Sec[0].Key=BCCode
Sec[0].Value=c5
Sec[1].Key=BCP1
Sec[1].Value=6B0DD01F
Sec[2].Key=BCP2
Sec[2].Value=00000002
Sec[3].Key=BCP3
Sec[3].Value=00000001
Sec[4].Key=BCP4
Sec[4].Value=81D08010
Sec[5].Key=OS Version
Sec[5].Value=6_0_6002
Sec[6].Key=Service Pack
Sec[6].Value=2_0
Sec[7].Key=Product
Sec[7].Value=768_1
State[0].Key=Transport.DoneStage1
State[0].Value=1
State[1].Key=CA
State[1].Value=1
State[2].Key=BLOB
State[2].Value=CHKSUM=C21B49C48193D7957036B882F2ED5CF7;BID=OCATAG;ID=780f1dd5-7993-46b1-bd14-e68c037f29c5;SID=13692;SUB=11//6//2010 8:27:25 PM
File[0].CabName=Mini110410-01.dmp
File[0].Path=Mini110410-01.dmp
File[0].Flags=589826
File[0].Type=2
File[1].CabName=sysdata.xml
File[1].Path=WER-61011-0.sysdata.xml
File[1].Flags=589826
File[1].Type=5
File[2].CabName=Version.txt
File[2].Path=WER89E4.tmp.version.txt
File[2].Flags=589827
File[2].Type=5
File[3].CabName=Report.cab
File[3].Path=Report.cab
File[3].Flags=196608
File[3].Type=7
FriendlyEventName=Shut down unexpectedly
ConsentKey=BlueScreen
AppName=Windows
AppPath=C:\Windows\System32\WerFault.exe
Version=1
EventType=BlueScreen
EventTime=129339072933031833
ReportType=4
Consent=1
UploadTime=129339072964699833
Response.type=4
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.0.6002.2.2.0.768.3
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=2057
UI[2]=C:\Windows\system32\wer.dll
UI[3]=Windows has recovered from an unexpected shutdown
UI[4]=Windows can check online for a solution to the problem.
UI[5]=&Check for solution
UI[6]=&Check later
UI[7]=Cancel
UI[8]=Windows has recovered from an unexpected shutdown
UI[9]=A problem caused Windows to stop working correctly. Windows will notify you if a solution is available.
UI[10]=Close
Sec[0].Key=BCCode
Sec[0].Value=a
Sec[1].Key=BCP1
Sec[1].Value=B7B7B7B7
Sec[2].Key=BCP2
Sec[2].Value=00000002
Sec[3].Key=BCP3
Sec[3].Value=00000001
Sec[4].Key=BCP4
Sec[4].Value=81C20FF9
Sec[5].Key=OS Version
Sec[5].Value=6_0_6002
Sec[6].Key=Service Pack
Sec[6].Value=2_0
Sec[7].Key=Product
Sec[7].Value=768_1
State[0].Key=Transport.DoneStage1
State[0].Value=1
State[1].Key=CA
State[1].Value=1
State[2].Key=BLOB
State[2].Value=CHKSUM=8D925E83741374D1CF0488F050072B16;BID=OCATAG;ID=d4d018b6-d526-4f80-9e16-df938182e8bb;SUB=11//10//2010 4:00:48 PM
File[0].CabName=Mini111110-01.dmp
File[0].Path=Mini111110-01.dmp
File[0].Flags=851970
File[0].Type=2
File[1].CabName=sysdata.xml
File[1].Path=WER-74209-0.sysdata.xml
File[1].Flags=851970
File[1].Type=5
File[2].CabName=Version.txt
File[2].Path=WER72ED.tmp.version.txt
File[2].Flags=851971
File[2].Type=5
File[3].CabName=Report.cab
File[3].Path=Report.cab
File[3].Flags=196608
File[3].Type=7
FriendlyEventName=Shut down unexpectedly
ConsentKey=BlueScreen
AppName=Windows
AppPath=C:\Windows\System32\WerFault.exe
Version=1
EventType=BlueScreen
EventTime=129335740779031462
ReportType=4
Consent=1
UploadTime=129335740826143462
Response.type=4
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.0.6002.2.2.0.768.3
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=2057
UI[2]=C:\Windows\system32\wer.dll
UI[3]=Windows has recovered from an unexpected shutdown
UI[4]=Windows can check online for a solution to the problem.
UI[5]=&Check for solution
UI[6]=&Check later
UI[7]=Cancel
UI[8]=Windows has recovered from an unexpected shutdown
UI[9]=A problem caused Windows to stop working correctly. Windows will notify you if a solution is available.
UI[10]=Close
Sec[0].Key=BCCode
Sec[0].Value=50
Sec[1].Key=BCP1
Sec[1].Value=B3B3B3B3
Sec[2].Key=BCP2
Sec[2].Value=00000000
Sec[3].Key=BCP3
Sec[3].Value=8C0FFC04
Sec[4].Key=BCP4
Sec[4].Value=00000000
Sec[5].Key=OS Version
Sec[5].Value=6_0_6002
Sec[6].Key=Service Pack
Sec[6].Value=2_0
Sec[7].Key=Product
Sec[7].Value=768_1
State[0].Key=Transport.DoneStage1
State[0].Value=1
State[1].Key=CA
State[1].Value=1
State[2].Key=BLOB
State[2].Value=CHKSUM=1561B60BF6C0EBC945EF4AEA93C03D7C;BID=OCATAG;ID=131740cf-c2a4-489e-8e51-135c355e7509;SUB=11//6//2010 8:27:16 PM
File[0].CabName=Mini110710-01.dmp
File[0].Path=Mini110710-01.dmp
File[0].Flags=851970
File[0].Type=2
File[1].CabName=sysdata.xml
File[1].Path=WER-61011-0.sysdata.xml
File[1].Flags=851970
File[1].Type=5
File[2].CabName=Version.txt
File[2].Path=WER4EEA.tmp.version.txt
File[2].Flags=851971
File[2].Type=5
File[3].CabName=Report.cab
File[3].Path=Report.cab
File[3].Flags=196608
File[3].Type=7
FriendlyEventName=Shut down unexpectedly
ConsentKey=BlueScreen
AppName=Windows
AppPath=C:\Windows\System32\WerFault.exe
Version=1
EventType=BlueScreen
EventTime=129335740930507462
ReportType=4
Consent=1
UploadTime=129335740930663462
Response.Str=http:////wer.microsoft.com//responses//resredir.aspx?sid=13692&Bucket=0xC5_2_nt!ExAllocatePoolWithTag+4ca&ID=780f1dd5-7993-46b1-bd14-e68c037f29c5
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.0.6002.2.2.0.768.3
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=2057
UI[2]=C:\Windows\system32\wer.dll
UI[3]=Windows has recovered from an unexpected shutdown
UI[5]=&Check for solution
UI[6]=&Check later
UI[7]=Cancel
UI[8]=Windows has recovered from an unexpected shutdown
UI[9]=A problem caused Windows to stop working correctly. Windows will notify you if a solution is available.
UI[10]=Close
Sec[0].Key=BCCode
Sec[0].Value=c5
Sec[1].Key=BCP1
Sec[1].Value=6B0DD01F
Sec[2].Key=BCP2
Sec[2].Value=00000002
Sec[3].Key=BCP3
Sec[3].Value=00000001
Sec[4].Key=BCP4
Sec[4].Value=81D08010
Sec[5].Key=OS Version
Sec[5].Value=6_0_6002
Sec[6].Key=Service Pack
Sec[6].Value=2_0
Sec[7].Key=Product
Sec[7].Value=768_1
State[0].Key=Transport.DoneStage1
State[0].Value=1
State[1].Key=CA
State[1].Value=1
State[2].Key=BLOB
State[2].Value=CHKSUM=C21B49C48193D7957036B882F2ED5CF7;BID=OCATAG;ID=780f1dd5-7993-46b1-bd14-e68c037f29c5;SID=13692;SUB=11//6//2010 8:27:25 PM
File[0].CabName=Mini110410-01.dmp
File[0].Path=Mini110410-01.dmp
File[0].Flags=589826
File[0].Type=2
File[1].CabName=sysdata.xml
File[1].Path=WER-61011-0.sysdata.xml
File[1].Flags=589826
File[1].Type=5
File[2].CabName=Version.txt
File[2].Path=WER89E4.tmp.version.txt
File[2].Flags=589827
File[2].Type=5
File[3].CabName=Report.cab
File[3].Path=Report.cab
File[3].Flags=196608
File[3].Type=7
FriendlyEventName=Shut down unexpectedly
ConsentKey=BlueScreen
AppName=Windows
AppPath=C:\Windows\System32\WerFault.exe
Version=1
EventType=BlueScreen
EventTime=129339072933031833
ReportType=4
Consent=1
UploadTime=129339072964699833
Response.type=4
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.0.6002.2.2.0.768.3
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=2057
UI[2]=C:\Windows\system32\wer.dll
UI[3]=Windows has recovered from an unexpected shutdown
UI[4]=Windows can check online for a solution to the problem.
UI[5]=&Check for solution
UI[6]=&Check later
UI[7]=Cancel
UI[8]=Windows has recovered from an unexpected shutdown
UI[9]=A problem caused Windows to stop working correctly. Windows will notify you if a solution is available.
UI[10]=Close
Sec[0].Key=BCCode
Sec[0].Value=a
Sec[1].Key=BCP1
Sec[1].Value=B7B7B7B7
Sec[2].Key=BCP2
Sec[2].Value=00000002
Sec[3].Key=BCP3
Sec[3].Value=00000001
Sec[4].Key=BCP4
Sec[4].Value=81C20FF9
Sec[5].Key=OS Version
Sec[5].Value=6_0_6002
Sec[6].Key=Service Pack
Sec[6].Value=2_0
Sec[7].Key=Product
Sec[7].Value=768_1
State[0].Key=Transport.DoneStage1
State[0].Value=1
State[1].Key=CA
State[1].Value=1
State[2].Key=BLOB
State[2].Value=CHKSUM=8D925E83741374D1CF0488F050072B16;BID=OCATAG;ID=d4d018b6-d526-4f80-9e16-df938182e8bb;SUB=11//10//2010 4:00:48 PM
File[0].CabName=Mini111110-01.dmp
File[0].Path=Mini111110-01.dmp
File[0].Flags=851970
File[0].Type=2
File[1].CabName=sysdata.xml
File[1].Path=WER-74209-0.sysdata.xml
File[1].Flags=851970
File[1].Type=5
File[2].CabName=Version.txt
File[2].Path=WER72ED.tmp.version.txt
File[2].Flags=851971
File[2].Type=5
File[3].CabName=Report.cab
File[3].Path=Report.cab
File[3].Flags=196608
File[3].Type=7
FriendlyEventName=Shut down unexpectedly
ConsentKey=BlueScreen
AppName=Windows
AppPath=C:\Windows\System32\WerFault.exe
this first started to happen after i re-installed everything
i wiped the computer down then re-installed the os and all i had on it before from the recovery disks.
since that i get bsod
any help would be greatly appreciated
many thanks in advance
-
Download BlueScreenView:
http://www.nirsoft.net/utils/blue_screen_view.html
unzip downloaded file and double click on BlueScreenView.exe to run the program.
when scanning is done, go to EDIT - Select All
Go to FILE - SAVE Selected Items, and save the report as BSOD.txt
Open BSOD.txt in Notepad, copy all of the content, and paste it into your next reply
-
ok i think i have it right this time,i followed what you said and this is what came out.
==================================================
Dump File : Mini111110-02.dmp
Crash Time : 11/11/2010 04:29:50
Bug Check String : DRIVER_CORRUPTED_EXPOOL
Bug Check Code : 0x000000c5
Parameter 1 : 0xb7b7b7bb
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x81cf8010
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+4dfd9
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18267 (vistasp2_gdr.100608-0458)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\MiniDump\Mini111110-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
==================================================
==================================================
Dump File : Mini111110-01.dmp
Crash Time : 11/11/2010 00:00:51
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0xb7b7b7b7
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x81c20ff9
Caused By Driver : hal.dll
Caused By Address : hal.dll+3ff9
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\MiniDump\Mini111110-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
==================================================
==================================================
Dump File : Mini110710-01.dmp
Crash Time : 07/11/2010 03:27:12
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : 0xb3b3b3b3
Parameter 2 : 0x00000000
Parameter 3 : 0x8c0ffc04
Parameter 4 : 0x00000000
Caused By Driver : dxgkrnl.sys
Caused By Address : dxgkrnl.sys+93e9a
File Description : DirectX Graphics Kernel
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 7.0.6002.18107 (vistasp2_gdr_win7ip_dgt(wmbla).090924-1550)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\MiniDump\Mini110710-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
==================================================
==================================================
Dump File : Mini110410-01.dmp
Crash Time : 04/11/2010 22:37:26
Bug Check String : DRIVER_CORRUPTED_EXPOOL
Bug Check Code : 0x000000c5
Parameter 1 : 0x6b0dd01f
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x81d08010
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+4dfd9
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18267 (vistasp2_gdr.100608-0458)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\MiniDump\Mini110410-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
==================================================
ok that should be it
thats everything that the little program from nirsoft came out with.
manythanks for takin the time to help me out
-
At what point do you get the blue screen?
Preliminary guess is bad ram, bad mobo or bad power supply.
-
in answer to your question i bought the computer brand new a few years ago,i haven't opened it or tampered with it in any way.
i noticed a while ago it was goin a little slower than usual and there were a few other problems,so i reformatted the drive and re-installed everything from the recovery disks.
when i last had a bsod i had quite a few things runnin,msn messenger with my web cam on, a few web pages open and music playin.
its happened four times now so i'd like to try and remedy the problem if thats goin to be possible
many thanks for your time
-
Open device manager. Any errors?
-
nope there's no errors in device manager
-
Okay. Then I suggest you download memtest (http://www.memtest.org/), burn it to a cd and run it. If that doesn't show any errors you can run chkdsk /r on your hd, though I doubt that's the problem. Let's see where we are after these two actions. Could still be a bad mobo or ps - but either way I think it's likely a hw issue.
-
ok i've done a memory test and thats just fine, done the check disk thing and thats just fine.
-
How long ago did you format the drive?
Are you doing anything in particular, when BSOD happen?
Are Windows and your AV program up to date?
-
@broni
i formatted the drive no more than six months ago and have always up dated it as and when it asked me too.
all i am doin when the bsod happens is just normal stuff, surfin, talkin on cam, and playin music.
nothing that would really tax the computer,thius is why i have a problem seein how there can be anything wrong with the computer.
-
Download System Information for Windows (http://www.gtopala.com/siw-download.html) (SIW free version)
No installation required.
After it scans your computer, navigate to Hardware>Sensors and post all info from there.
(http://209.85.48.8/228/109/upload/p4467438.gif)
-
there ya go i think thats how you described how to do it. hope thats the right info for you
Sensor Value Min Max
SIMON-PC
ITE IT87
Voltages
CPU VCORE 1.23 V 1.23 V 1.30 V
VIN1 2.03 V 2.03 V 2.03 V
+3.3V 3.18 V 3.17 V 3.18 V
+5V 4.97 V 4.97 V 5.03 V
+12V 12.16 V 12.03 V 12.16 V
-12V -3.20 V -3.20 V -3.20 V
-5V -7.17 V -7.17 V -7.17 V
+5V VCCH 4.89 V 4.87 V 4.89 V
VBAT 3.15 V 3.15 V 3.15 V
Temperatures
TMPIN0 42 °C (107 °F) 40 °C (103 °F) 49 °C (120 °F)
TMPIN1 43 °C (109 °F) 43 °C (109 °F) 44 °C (111 °F)
TMPIN2 25 °C (76 °F) 25 °C (76 °F) 25 °C (76 °F)
Fans
FANIN0 1739 RPM 1588 RPM 2710 RPM
Fans PWM
FANPWM0 0 % 0 % 0 %
FANPWM1 0 % 0 % 0 %
FANPWM2 0 % 0 % 0 %
Intel Core 2 Duo E4500
Temperatures
Core #0 43 °C (109 °F) 43 °C (109 °F) 52 °C (125 °F)
Core #1 42 °C (107 °F) 42 °C (107 °F) 51 °C (123 °F)
NVIDIA GeForce 8400 GS
Temperatures
GPU Core 74 °C (165 °F) 74 °C (165 °F) 74 °C (165 °F)
ST3250820AS
Temperatures
Assembly 44 °C (111 °F) 44 °C (111 °F) 44 °C (111 °F)
Air Flow 44 °C (111 °F) 44 °C (111 °F) 44 °C (111 °F)
SIMON-PC (PACKARD BELL BV IMEDIA J2412)
ITE IT87
Voltages
CPU VCORE 1.28 V 1.23 V 1.30 V
VIN1 2.03 V 2.03 V 2.03 V
+3.3V 3.17 V 3.17 V 3.18 V
+5V 5.00 V 4.97 V 5.03 V
+12V 12.03 V 12.03 V 12.16 V
-12V -3.20 V -3.20 V -3.20 V
-5V -7.17 V -7.17 V -7.17 V
+5V VCCH 4.87 V 4.87 V 4.89 V
VBAT 3.15 V 3.15 V 3.15 V
Temperatures
TMPIN0 41 °C (105 °F) 40 °C (103 °F) 49 °C (120 °F)
TMPIN1 43 °C (109 °F) 43 °C (109 °F) 44 °C (111 °F)
TMPIN2 25 °C (76 °F) 25 °C (76 °F) 25 °C (76 °F)
Fans
FANIN0 1591 RPM 1588 RPM 2710 RPM
Fans PWM
FANPWM0 0 % 0 % 0 %
FANPWM1 0 % 0 % 0 %
FANPWM2 0 % 0 % 0 %
Intel Core 2 Duo E4500
Temperatures
Core #0 45 °C (112 °F) 44 °C (111 °F) 52 °C (125 °F)
Core #1 43 °C (109 °F) 42 °C (107 °F) 51 °C (123 °F)
NVIDIA GeForce 8400 GS
Temperatures
GPU Core 74 °C (165 °F) 74 °C (165 °F) 74 °C (165 °F)
ST3250820AS
Temperatures
Assembly 44 °C (111 °F) 44 °C (111 °F) 44 °C (111 °F)
Air Flow 44 °C (111 °F) 44 °C (111 °F) 44 °C (111 °F)
-
Max. temp. for your CPU is listed at 73.3C, so you should be OK, but let's double check...
Start couple of extra programs, play some video and report back with new numbers.
Mostly, I need these:
Temperatures
Core #0 45 °C (112 °F) 44 °C (111 °F) 52 °C (125 °F)
Core #1 43 °C (109 °F) 42 °C (107 °F) 51 °C (123 °F)
NVIDIA GeForce 8400 GS
Temperatures
GPU Core 74 °C (165 °F) 74 °C (165 °F) 74 °C (165 °F)
-
@ broni
i've run it for a few hours now with multiple applications runnin.
Sensor Value Min Max
SIMON-PC
ITE IT87
Voltages
CPU VCORE 1.28 V 1.23 V 1.28 V
VIN1 2.03 V 2.03 V 2.03 V
+3.3V 3.18 V 3.17 V 3.18 V
+5V 5.00 V 4.97 V 5.03 V
+12V 12.10 V 12.03 V 12.10 V
-12V -3.20 V -3.26 V -3.20 V
-5V -7.17 V -7.17 V -7.17 V
+5V VCCH 4.89 V 4.87 V 4.89 V
VBAT 3.15 V 3.15 V 3.15 V
Temperatures
TMPIN0 47 °C (116 °F) 44 °C (111 °F) 51 °C (123 °F)
TMPIN1 45 °C (112 °F) 45 °C (112 °F) 45 °C (112 °F)
TMPIN2 25 °C (76 °F) 25 °C (76 °F) 25 °C (76 °F)
Fans
FANIN0 2596 RPM 2327 RPM 3000 RPM
Fans PWM
FANPWM0 0 % 0 % 0 %
FANPWM1 0 % 0 % 0 %
FANPWM2 0 % 0 % 0 %
Intel Core 2 Duo E4500
Temperatures
Core #0 48 °C (118 °F) 47 °C (116 °F) 53 °C (127 °F)
Core #1 48 °C (118 °F) 46 °C (114 °F) 53 °C (127 °F)
NVIDIA GeForce 8400 GS
Temperatures
GPU Core 74 °C (165 °F) 74 °C (165 °F) 75 °C (166 °F)
ST3250820AS
Temperatures
Assembly 43 °C (109 °F) 42 °C (107 °F) 43 °C (109 °F)
Air Flow 43 °C (109 °F) 42 °C (107 °F) 43 °C (109 °F)
SIMON-PC (PACKARD BELL BV IMEDIA J2412)
ITE IT87
Voltages
CPU VCORE 1.26 V 1.23 V 1.28 V
VIN1 2.03 V 2.03 V 2.03 V
+3.3V 3.17 V 3.17 V 3.18 V
+5V 5.00 V 4.97 V 5.03 V
+12V 12.10 V 12.03 V 12.10 V
-12V -3.20 V -3.26 V -3.20 V
-5V -7.17 V -7.17 V -7.17 V
+5V VCCH 4.89 V 4.87 V 4.89 V
VBAT 3.15 V 3.15 V 3.15 V
Temperatures
TMPIN0 47 °C (116 °F) 44 °C (111 °F) 51 °C (123 °F)
TMPIN1 45 °C (112 °F) 45 °C (112 °F) 45 °C (112 °F)
TMPIN2 25 °C (76 °F) 25 °C (76 °F) 25 °C (76 °F)
Fans
FANIN0 2606 RPM 2327 RPM 3000 RPM
Fans PWM
FANPWM0 0 % 0 % 0 %
FANPWM1 0 % 0 % 0 %
FANPWM2 0 % 0 % 0 %
Intel Core 2 Duo E4500
Temperatures
Core #0 51 °C (123 °F) 47 °C (116 °F) 53 °C (127 °F)
Core #1 48 °C (118 °F) 46 °C (114 °F) 53 °C (127 °F)
NVIDIA GeForce 8400 GS
Temperatures
GPU Core 74 °C (165 °F) 74 °C (165 °F) 75 °C (166 °F)
ST3250820AS
Temperatures
Assembly 43 °C (109 °F) 42 °C (107 °F) 43 °C (109 °F)
Air Flow 43 °C (109 °F) 42 °C (107 °F) 43 °C (109 °F)
-
That's not it.
Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your Desktop.
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Under the Custom Scan box paste this in:
netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop
- Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
-
ok this is the text from the test you asked me to do
OTL logfile created on: 14/11/2010 19:50:03 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Simon\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224.88 Gb Total Space | 164.24 Gb Free Space | 73.03% Space Free | Partition Type: NTFS
Computer Name: SIMON-PC | User Name: Simon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/11/14 19:39:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Simon\Downloads\OTL.exe
PRC - [2010/11/03 00:00:39 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/11/03 00:00:38 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/16 12:42:12 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/10/11 12:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/11 12:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/10/06 17:24:38 | 000,652,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/10/06 17:24:36 | 001,065,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2010/10/06 17:24:08 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/06 17:24:08 | 000,647,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/09/22 23:28:10 | 000,025,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010/09/15 05:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/07 03:50:22 | 001,047,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2010/06/09 00:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/08/23 00:03:00 | 000,028,672 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\V0350Mon.exe
PRC - [2007/07/19 13:32:34 | 001,120,568 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
PRC - [2007/03/01 14:38:48 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/01/18 12:03:10 | 000,099,896 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\FIJI\AOSD.exe
PRC - [2007/01/18 12:03:00 | 000,079,416 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\FIJI\ABoard.exe
PRC - [2007/01/11 10:40:22 | 000,232,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2007/01/11 10:40:18 | 000,017,656 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
========== Modules (SafeList) ==========
MOD - [2010/11/14 19:39:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Simon\Downloads\OTL.exe
MOD - [2010/08/31 15:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/10/11 12:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/09/23 00:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/09/22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/06/14 14:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/25 01:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/01/19 07:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/10/16 18:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/09/23 00:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010/09/13 16:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 21:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 21:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/19 21:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/02/26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/02/26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/02/26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/02/26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/04/11 04:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/01/19 07:41:25 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007/08/29 00:03:00 | 000,170,368 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\V0350Vid.sys -- (VF0350Vid) Live! Cam Video IM (VF0350)
DRV - [2007/06/11 00:01:02 | 000,142,656 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\V0350Afx.sys -- (VF0350Afx)
DRV - [2007/03/05 17:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\V0350Vfx.sys -- (VF0350Vfx)
DRV - [2007/03/01 15:21:10 | 001,744,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/11/02 09:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 09:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 09:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 09:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 09:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 09:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 09:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 09:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 09:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 09:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 09:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 09:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 09:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 09:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 09:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 09:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 09:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 09:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 09:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 09:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 09:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 09:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 09:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 09:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 09:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 09:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 09:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 09:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 09:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 09:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 09:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 09:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 09:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 08:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 08:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 08:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 08:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 08:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 08:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 07:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 07:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/11/02 07:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginen ame: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/11/12 21:52:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/11 00:44:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/03 00:00:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/08/09 16:19:49 | 000,000,000 | ---D | M]
[2010/08/09 17:26:20 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Mozilla\Extensions
[2010/11/13 20:06:44 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\d7avfsz6.default\extensions
[2010/09/03 23:42:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\d7avfsz6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/30 10:37:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/08/25 07:43:45 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/09/03 23:42:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/30 10:37:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2007/08/25 07:43:36 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/08/29 15:36:38 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/11/03 00:00:41 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/11/03 00:00:41 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/11/03 00:00:42 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/11/03 00:00:42 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ACTIVBOARD] C:\Program Files\Packard Bell\FIJI\ABoard.exe (Packard Bell BV)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [V0350Mon.exe] C:\Windows\V0350Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010/11/13 20:58:47 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/11/13 20:58:19 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/11/13 19:31:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ReviverSoft
[2010/11/13 19:30:51 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\OpenCandy
[2010/11/13 19:30:49 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\OpenCandy
[2010/11/13 02:06:53 | 000,000,000 | ---D | C] -- C:\Users\Simon\Desktop\notes and links to myself
[2010/11/13 01:14:59 | 000,000,000 | ---D | C] -- C:\Users\Simon\Documents\Updater5
[2010/11/12 21:57:50 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Roaming\AVG10
[2010/11/12 21:53:31 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010/11/12 21:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/11/12 21:52:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2010/11/12 21:45:57 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/11/04 22:37:19 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/11/03 16:19:37 | 000,000,000 | ---D | C] -- C:\Windows\en
[2010/11/02 14:29:56 | 000,000,000 | ---D | C] -- C:\Users\Simon\AppData\Local\Windows Live
[2010/09/04 18:00:51 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Simon\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2010/11/14 19:30:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator.job
[2010/11/14 18:55:26 | 000,617,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/11/14 18:55:26 | 000,111,958 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/11/14 18:51:59 | 099,194,032 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2010/11/14 18:48:16 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/14 18:48:16 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/14 18:48:12 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-Simon-Startup.job
[2010/11/14 18:48:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/13 21:55:45 | 000,000,000 | ---- | M] () -- C:\Users\Simon\AppData\Local\prvlcl.dat
[2010/11/13 19:46:18 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/11/13 19:46:17 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/11/13 02:00:15 | 216,219,668 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/11/13 00:25:44 | 000,000,833 | ---- | M] () -- C:\Users\Simon\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG 2011.lnk
[2010/11/12 02:59:05 | 000,643,584 | ---- | M] () -- C:\Users\Simon\Documents\Copy of music database.xls
[2010/11/09 03:53:00 | 000,022,528 | ---- | M] () -- C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/07 03:03:08 | 001,579,343 | ---- | M] () -- C:\Users\Simon\Documents\003.JPG
[2010/11/04 16:02:01 | 000,345,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/16 18:55:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/10/16 18:55:00 | 000,004,962 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
========== Files Created - No Company Name ==========
[2010/11/14 18:51:59 | 099,194,032 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2010/11/13 19:32:32 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\Registry Reviver-Simon-Startup.job
[2010/11/13 00:25:44 | 000,000,833 | ---- | C] () -- C:\Users\Simon\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG 2011.lnk
[2010/11/12 02:59:04 | 000,643,584 | ---- | C] () -- C:\Users\Simon\Documents\Copy of music database.xls
[2010/11/07 02:58:50 | 001,579,343 | ---- | C] () -- C:\Users\Simon\Documents\003.JPG
[2010/11/04 22:37:09 | 216,219,668 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/09/05 00:44:23 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/09/05 00:44:18 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/09/04 18:01:54 | 000,000,671 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\vso_ts_preview.xml
[2010/09/04 18:01:34 | 000,000,034 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\pcouffin.log
[2010/09/04 18:00:51 | 000,087,608 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\inst.exe
[2010/09/04 18:00:51 | 000,007,887 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\pcouffin.cat
[2010/09/04 18:00:51 | 000,001,144 | ---- | C] () -- C:\Users\Simon\AppData\Roaming\pcouffin.inf
[2010/09/03 23:33:55 | 000,000,680 | ---- | C] () -- C:\Users\Simon\AppData\Local\d3d9caps.dat
[2010/08/18 14:09:14 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/08/18 14:09:14 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/08/18 14:09:13 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/08/18 14:09:13 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/08/18 14:09:13 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/08/10 22:27:53 | 000,000,000 | ---- | C] () -- C:\Users\Simon\AppData\Local\prvlcl.dat
[2010/08/10 01:27:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/08/09 23:22:56 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/09 13:44:21 | 000,022,528 | ---- | C] () -- C:\Users\Simon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2007/02/13 07:48:38 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
========== LOP Check ==========
[2010/11/12 21:57:50 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\AVG10
[2010/08/09 23:04:23 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Nokia
[2010/08/09 23:04:26 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Nokia Ovi Suite
[2010/11/13 19:30:49 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\OpenCandy
[2010/08/09 13:42:46 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Packard Bell
[2010/08/09 22:37:54 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\PC Suite
[2010/09/04 21:48:48 | 000,000,000 | ---D | M] -- C:\Users\Simon\AppData\Roaming\Vso
[2010/08/24 13:04:52 | 000,000,274 | ---- | M] () -- C:\Windows\Tasks\PBRegbk.job
[2010/11/14 19:30:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator.job
[2010/11/14 18:48:12 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\Registry Reviver-Simon-Startup.job
[2010/11/14 04:49:03 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2006/09/18 21:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 06:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2007/08/25 16:15:10 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 21:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/11/14 18:48:03 | 2459,705,344 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\Fonts\*.com >
[2006/11/02 12:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 12:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 12:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2010/08/10 02:06:28 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/09/18 21:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 12:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 18:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2010/09/23 00:32:56 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2010/08/10 00:32:02 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2006/11/02 10:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 10:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 10:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 10:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 10:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/08/10 21:41:49 | 000,000,286 | -HS- | M] () -- C:\Users\Simon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\0*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2010/08/09 13:38:43 | 000,000,402 | -HS- | M] () -- C:\Users\Simon\Favorites\desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
[2010/11/13 19:46:17 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
< %systemroot%\system32\drivers\*.rmv >
< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >
< dir /b "%systemroot%\*.exe" | find /i " " /c >
< %PROGRAMFILES%\Microsoft\*.* >
< %systemroot%\System32\Wbem\proquota.exe >
< %PROGRAMFILES%\Mozilla Firefox\*.dat >
< %USERPROFILE%\Cookies\*.txt /x >
< %SystemRoot%\system32\fonts\*.* >
< %systemroot%\system32\winlog\*.* >
< %systemroot%\system32\Language\*.* >
< %systemroot%\system32\Settings\*.* >
< %systemroot%\system32\*.quo >
< %SYSTEMROOT%\AppPatch\*.exe >
< %SYSTEMROOT%\inf\*.exe >
< %SYSTEMROOT%\Installer\*.exe >
< %systemroot%\system32\config\*.bak2 >
< %systemroot%\system32\Computers\*.* >
< %SystemRoot%\system32\Sound\*.* >
< %SystemRoot%\system32\SpecialImg\*.* >
< %SystemRoot%\system32\code\*.* >
< %SystemRoot%\system32\draft\*.* >
< %SystemRoot%\system32\MSSSys\*.* >
< %ProgramFiles%\Javascript\*.* >
< %systemroot%\pchealth\helpctr\System\*.exe /s >
< %systemroot%\Web\*.exe >
< %systemroot%\system32\msn\*.* >
< %systemroot%\system32\*.tro >
< %AppData%\Microsoft\Installer\msupdates\*.* >
< %ProgramFiles%\Messenger\*.* >
< %systemroot%\system32\systhem32\*.* >
< %systemroot%\system\*.exe >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-11-10 18:01:34
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Updater5:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\PcSetup:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\Ovi:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\My Received Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\ConvertXtoDVD:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Documents\003.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Desktop\unused desktop icons:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Simon\Desktop\notes and links to myself:Roxio EMC Stream
< End of report >
this is the extra's report
OTL Extras logfile created on: 14/11/2010 19:50:03 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Simon\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224.88 Gb Total Space | 164.24 Gb Free Space | 73.03% Space Free | Partition Type: NTFS
Computer Name: SIMON-PC | User Name: Simon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1156F79D-6FF6-4137-B512-DBD58F4257DD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4A4E7D97-F07B-4275-8453-F4790CD2EB45}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8CD3589D-A038-42A4-9E84-1660FE742170}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9BF2F582-97CD-44B2-B771-C9562548C22C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{030D21EA-1F8E-499B-83BB-A3BE4094662D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{05D3FE40-789A-4EA6-B929-5E9D7D81E593}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{125C6397-7C57-4FA1-BEDA-1D847B0E245F}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{1284CB89-2B76-41F3-A8B4-DA3DE51CF520}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{2411E829-5422-4FE9-81F8-71CEDE70F71B}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{3A2C87A6-68A3-4C17-8D80-2C960B501536}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{48BA9B2D-32A0-4EC1-B084-0AE2B6B56849}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{64A1147C-2471-406B-8711-3E63EBA08FA7}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{67BBC2B7-A51C-46A0-AA7F-33909BE7072D}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{6923A47C-11B1-46B4-A045-D8916A58C3E7}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{7731A99A-C5FC-454A-A6CC-29C13A049F0D}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{AC44A1A5-6837-4DA5-B88C-F075F6ADC1D3}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{C0E7000D-81E8-4FAC-BA01-87B98A307488}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{C920CFD4-54B0-4A1F-9DE2-1C43306FBC54}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"{D1FE9384-DA61-4979-AB78-621639A749AE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{D56C5B8A-9ED3-4A4E-86B6-18EC93614D88}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{2E6C3D03-E9B6-479D-AAD0-6C0D41293889}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{732D5184-AC42-4344-89A8-713BF960FD0F}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{8221787A-7E0B-414C-91A1-405762FE406E}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{FBA204E6-FFF3-45F4-A0BE-B79A202CFBDF}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0323CB96-221A-4042-84A3-93EDE47099FC}" = AVG 2011
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A258E63-8DF5-4ADB-9832-38A0121D65EB}" = AVG 2011
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.3.0.96
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7DB362E-16DC-4E29-8A34-E74381E00B5B}" = Adobe Shockwave Player
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB7032FF-AFED-4C58-AA5C-8473B273793A}" = HDReg
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Creator 9 LE
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE9033AD-CBAE-4EDF-989A-BC479FBC6F1F}" = Internet From BT
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F
-
The 2nd part of OTL log is incomplete, but it's not crucial at this point.
I can't be certain without further scans, but I can see two suspicious O4 entries in your log, so....
Read here: http://www.computerhope.com/forum/index.php/topic,46313.0.html
Start new topic here: http://www.computerhope.com/forum/index.php/board,7.0.html
Do NOT post any logs in THIS thread.