??? It didn't open OTL Extras
OTL Log
OTL logfile created on: 7/19/2011 5:12:21 PM - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Boo\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1013.33 Mb Total Physical Memory | 163.80 Mb Available Physical Memory | 16.17% Memory free
2.24 Gb Paging File | 0.81 Gb Available in Paging File | 36.06% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69.77 Gb Total Space | 10.62 Gb Free Space | 15.22% Space Free | Partition Type: NTFS
Drive D: | 69.52 Gb Total Space | 67.74 Gb Free Space | 97.45% Space Free | Partition Type: NTFS
Computer Name: BOO-PC | User Name: Boo | Logged in as Administrator.
Cannot determine boot mode. | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/07/14 23:51:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Boo\Downloads\OTL.exe
PRC - [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/06/15 14:51:08 | 000,683,352 | ---- | M] (IObit) -- C:\Program Files\IObit\Game Booster\gbtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2011/01/05 13:11:04 | 004,321,112 | ---- | M] (AOL Inc.) -- C:\Program Files\AIM\aim.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2006/11/24 15:57:54 | 000,107,008 | -H-- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
========== Modules (SafeList) ==========
MOD - [2011/07/14 23:51:50 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Boo\Downloads\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (gusvc)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/21 21:25:46 | 000,118,464 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007/06/21 21:25:44 | 000,257,736 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2007/06/21 21:24:12 | 001,076,832 | ---- | M] (Cyberlink) [Auto | Stopped] -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2007/06/05 13:13:28 | 000,024,576 | -H-- | M] () [Auto | Stopped] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/05/22 18:00:02 | 000,135,168 | -H-- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/05/17 01:15:22 | 000,163,840 | -H-- | M] (acer) [Auto | Stopped] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007/04/25 19:34:30 | 000,457,512 | -H-- | M] (HiTRSUT) [Auto | Stopped] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/03/14 13:52:30 | 000,024,576 | -H-- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007/02/13 06:26:50 | 000,053,248 | -H-- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2006/11/24 15:57:54 | 000,107,008 | -H-- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
========== Driver Services (SafeList) ==========
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/07/12 17:55:22 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/04/14 21:28:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/21 18:08:15 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nocashio.sys -- (nocashio)
DRV - [2011/02/10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/04 17:23:39 | 000,436,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/07/26 22:23:07 | 000,003,026 | ---- | M] (Logix4u) [Kernel | System | Running] -- C:\Windows\System32\drivers\hwinterface.sys -- (hwinterface)
DRV - [2009/03/18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/01/19 02:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/06/18 06:03:32 | 000,737,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/06/13 22:33:26 | 000,154,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/12/07 18:12:02 | 000,076,584 | -H-- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/11/02 09:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/09/19 17:47:04 | 000,080,744 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-397108202-2752575421-25471281-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-397108202-2752575421-25471281-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-397108202-2752575421-25471281-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-397108202-2752575421-25471281-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-397108202-2752575421-25471281-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.facebook.com/
IE - HKU\S-1-5-21-397108202-2752575421-25471281-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-397108202-2752575421-25471281-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-397108202-2752575421-25471281-1000\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-397108202-2752575421-25471281-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Start Searcher"
FF - prefs.js..browser.search.defaultthis.engineName: "Start Searcher"
FF - prefs.js..browser.search.defaulturl: "http://www.startsearcher.com/?q="
FF - prefs.js..browser.startup.homepage: "http://www.mariopart...k.com/home.php"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: c:\program files\real\realplayer\Netscape6\nprjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AutocompletePro\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/07/17 11:19:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/07/10 20:48:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/15 00:07:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files\Object\internetengine
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{e641e573-5f45-49f4-a2b6-986c6a89d4ad}: C:\Program Files\Object\searchtoolbar
[2010/06/08 00:08:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Boo\AppData\Roaming\Mozilla\Extensions
[2011/07/11 02:05:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Boo\AppData\Roaming\Mozilla\Firefox\Profiles\cork2tv8.default\extensions
[2011/07/09 16:05:23 | 000,000,000 | ---D | M] (SocialRibbons LP 1) -- C:\Users\Boo\AppData\Roaming\Mozilla\Firefox\Profiles\cork2tv8.default\extensions\{6e6347bc-3cf0-aa94-8d40-b0f3e4b41e92}
[2011/07/09 16:05:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Boo\AppData\Roaming\Mozilla\Firefox\Profiles\cork2tv8.default\extensions\{6e6347bc-3cf0-aa94-8d40-b0f3e4b41e92}\chrome\content\dca\core\extensionManager
[2011/06/19 17:48:45 | 000,001,919 | ---- | M] () -- C:\Users\Boo\AppData\Roaming\Mozilla\Firefox\Profiles\cork2tv8.default\searchplugins\bing-zugo.xml
[2011/05/21 19:45:45 | 000,002,470 | ---- | M] () -- C:\Users\Boo\AppData\Roaming\Mozilla\Firefox\Profiles\cork2tv8.default\searchplugins\safesearch.xml
[2011/07/15 00:08:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/15 00:08:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/07/17 11:19:11 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/06/16 00:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/07/15 00:07:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - Reg Error: Value error. File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - Reg Error: Value error. File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (ImageShack Toolbar) - {6932D140-ABC4-4073-A44C-D4A541665E35} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKU\S-1-5-21-397108202-2752575421-25471281-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKU\S-1-5-21-397108202-2752575421-25471281-1000\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKU\S-1-5-18..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-397108202-2752575421-25471281-1000..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL Inc.)
O4 - HKU\S-1-5-21-397108202-2752575421-25471281-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\System32\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-397108202-2752575421-25471281-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} http://toolbar.image...hackToolbar.cab (ImageShack Toolbar)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/03/21 17:03:18 | 000,000,073 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{88e0a045-0f5f-11df-b61d-001b387763aa}\Shell - "" = AutoRun
O33 - MountPoints2\{88e0a045-0f5f-11df-b61d-001b387763aa}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{be39ce56-742f-11df-89a2-001b387763aa}\Shell - "" = AutoRun
O33 - MountPoints2\{be39ce56-742f-11df-89a2-001b387763aa}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011/07/18 22:05:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/07/18 20:32:47 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/07/18 17:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/17 20:59:48 | 000,000,000 | ---D | C] -- C:\Users\Boo\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/07/17 20:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2011/07/17 20:58:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/07/15 02:20:38 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/07/15 00:49:11 | 000,000,000 | ---D | C] -- C:\Users\Boo\AppData\Roaming\SUPERAntiSpyware.com
[2011/07/15 00:49:11 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/07/15 00:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/07/15 00:48:30 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/07/15 00:08:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/07/15 00:08:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/07/15 00:07:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/07/14 21:47:44 | 000,000,000 | ---D | C] -- C:\Users\Boo\AppData\Roaming\AVG10
[2011/07/14 21:43:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/07/14 21:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/07/14 21:38:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011/07/14 21:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/07/14 21:36:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/07/14 21:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/07/12 18:52:16 | 000,000,000 | ---D | C] -- C:\Users\Boo\AppData\Roaming\Skype
[2011/07/12 18:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/07/12 18:51:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/07/12 18:51:28 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/07/11 19:17:13 | 000,000,000 | ---D | C] -- C:\Users\Boo\AppData\Roaming\skypePM
[2011/07/11 19:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/07/11 13:05:05 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/07/11 13:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
[2011/07/11 13:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GridVista
[2011/07/11 13:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
[2011/07/11 13:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Empowering Technology
[2011/07/11 13:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade
[2011/07/11 13:04:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/07/11 13:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/07/11 13:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI-83 Plus Flash Debugger
[2011/07/11 13:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sven Co-op
[2011/07/11 13:04:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2011/07/11 13:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011/07/11 13:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCHTHACK PSOBB
[2011/07/11 13:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI CD & DVD-Maker 7
[2011/07/11 13:04:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Backup NOW! 4.7
[2011/07/11 13:04:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
[2011/07/11 13:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
[2011/07/11 13:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/07/11 13:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2011/07/11 13:04:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/07/11 13:04:30 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/07/11 13:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Launch Manager
[2011/07/11 13:04:29 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2011/07/11 13:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster
[2011/07/11 13:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freebies Hack Engine
[2011/07/11 13:04:27 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
[2011/07/11 13:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
[2011/07/11 13:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus Ex
[2011/07/11 13:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011/07/11 13:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerProducer
[2011/07/11 13:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/07/10 21:19:57 | 000,000,000 | ---D | C] -- C:\Users\Boo\AppData\Roaming\Malwarebytes
[2011/07/10 21:19:48 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/07/10 21:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/10 21:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/10 17:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/07/09 16:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\FreeCause
[2011/07/09 15:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\Freebies Hack Engine
[2011/07/07 02:32:42 | 000,000,000 | ---D | C] -- C:\Users\Boo\AppData\Roaming\IObit
[2011/07/06 19:44:36 | 000,000,000 | ---D | C] -- C:\Users\Boo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wheel Of Fortune
[2011/07/05 09:05:25 | 000,000,000 | ---D | C] -- C:\Users\Boo\AppData\Local\WinMainAgent
[2011/06/30 16:49:56 | 000,000,000 | ---D | C] -- C:\Windows\Wheel Of Fortune
[2011/06/30 16:49:56 | 000,000,000 | ---D | C] -- C:\Program Files\Wheel Of Fortune
[2011/06/30 14:43:16 | 000,000,000 | ---D | C] -- C:\Users\Boo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BigJon PCGames Config Wizard
[2011/06/30 14:43:14 | 000,000,000 | ---D | C] -- C:\Windows\BigJon PCGames Config Wizard
[2011/06/30 14:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\BigJon PCGames Config Wizard
[2011/06/30 14:40:03 | 000,000,000 | ---D | C] -- C:\Windows\Your Product
[2011/06/30 14:34:17 | 000,000,000 | ---D | C] -- C:\Temp
[2011/06/20 21:51:40 | 000,000,000 | ---D | C] -- C:\Users\Boo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2011/06/20 17:05:03 | 000,000,000 | ---D | C] -- C:\Program Files\Digiarty
[2011/06/20 16:54:24 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\Windows\System32\xvid.ax
[2010/02/01 14:25:26 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[2007/07/31 09:43:36 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[1998/04/27 01:00:00 | 000,570,128 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\DAO350.DLL
[31 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/07/19 17:11:44 | 000,000,512 | ---- | M] () -- C:\Users\Boo\Desktop\MBR.dat
[2011/07/19 16:56:31 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2011/07/19 14:47:54 | 000,610,310 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/19 14:47:54 | 000,105,858 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/19 08:29:16 | 000,001,705 | ---- | M] () -- C:\Users\Boo\Desktop\Wheel Of Fortune.lnk
[2011/07/19 08:26:14 | 000,002,377 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/07/18 18:07:46 | 122,731,489 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/07/18 17:38:45 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/17 20:59:15 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk
[2011/07/17 18:40:14 | 000,000,938 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2011/07/17 11:19:13 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/07/15 04:18:58 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 04:18:57 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/15 00:48:38 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/07/14 12:21:59 | 000,383,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/11 19:38:54 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2011/07/11 17:53:18 | 000,000,104 | ---- | M] () -- C:\Users\Boo\Desktop\Recycle Bin.lnk
[2011/07/11 17:23:45 | 000,002,645 | ---- | M] () -- C:\Users\Public\Documents\Global.sw2
[2011/07/11 16:41:32 | 000,000,953 | ---- | M] () -- C:\Users\Boo\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/07/11 02:05:03 | 000,000,000 | ---- | M] () -- C:\install.rdf
[2011/07/10 20:42:00 | 000,000,256 | ---- | M] () -- C:\ProgramData\~31448824
[2011/07/10 20:42:00 | 000,000,200 | ---- | M] () -- C:\ProgramData\~31448824r
[2011/07/10 20:09:01 | 000,000,336 | ---- | M] () -- C:\ProgramData\31448824
[2011/07/09 21:16:10 | 000,000,537 | ---- | M] () -- C:\Users\Boo\Documents\Goldeneye.cpf
[2011/07/09 16:38:05 | 000,001,001 | ---- | M] () -- C:\Users\Boo\Desktop\Freebies Hack Engine.lnk
[2011/07/08 23:04:18 | 000,000,396 | ---- | M] () -- C:\Windows\n02.ini
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/07/06 15:28:02 | 000,344,064 | ---- | M] () -- C:\Users\Boo\Documents\Database2.accdb
[2011/07/06 15:27:52 | 000,348,160 | ---- | M] () -- C:\Users\Boo\Documents\Database1.accdb
[2011/07/06 14:34:38 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/07/05 15:44:18 | 000,000,537 | ---- | M] () -- C:\Users\Boo\Documents\Perfect Dark.cpf
[2011/06/21 18:00:01 | 000,029,696 | ---- | M] () -- C:\Users\Boo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/20 21:51:40 | 000,000,578 | ---- | M] () -- C:\Users\Boo\Desktop\Fraps.lnk
[2011/06/20 17:05:08 | 000,001,199 | ---- | M] () -- C:\Users\Boo\Desktop\WinX Free AVI to WMV Converter.lnk
[2011/06/20 16:55:34 | 000,000,067 | ---- | M] () -- C:\Windows\swf2avi.INI
[31 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/19 17:11:44 | 000,000,512 | ---- | C] () -- C:\Users\Boo\Desktop\MBR.dat
[2011/07/18 18:07:46 | 122,731,489 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/07/17 20:59:15 | 000,000,928 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2011/07/17 20:59:15 | 000,000,916 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk
[2011/07/17 18:40:14 | 000,000,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2011/07/17 18:40:14 | 000,000,938 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2011/07/15 00:48:38 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/07/14 21:42:30 | 000,000,834 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/07/12 18:51:30 | 000,002,377 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/07/11 19:38:54 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/07/11 17:53:18 | 000,000,104 | ---- | C] () -- C:\Users\Boo\Desktop\Recycle Bin.lnk
[2011/07/11 16:41:32 | 000,000,953 | ---- | C] () -- C:\Users\Boo\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/07/11 13:29:11 | 000,000,240 | ---- | C] () -- C:\Users\Boo\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/07/11 13:29:10 | 000,001,722 | ---- | C] () -- C:\Users\Boo\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/07/11 13:29:10 | 000,001,699 | ---- | C] () -- C:\Users\Boo\Application Data\Microsoft\Internet Explorer\Quick Launch\Notepad.lnk
[2011/07/11 13:29:10 | 000,000,258 | ---- | C] () -- C:\Users\Boo\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/07/11 13:29:10 | 000,000,199 | ---- | C] () -- C:\Users\Boo\Application Data\Microsoft\Internet Explorer\Quick Launch\Acer HD Audio Manager - Shortcut.lnk
[2011/07/11 13:13:43 | 000,002,102 | ---- | C] () -- C:\Users\Boo\Desktop\TI-83 Plus Flash Debugger.lnk
[2011/07/11 13:13:43 | 000,000,965 | ---- | C] () -- C:\Users\Boo\Desktop\Switch to Gaming Mode.lnk
[2011/07/11 13:13:42 | 000,002,156 | ---- | C] () -- C:\Users\Boo\Desktop\Microsoft Office - 60 Day Trial.lnk
[2011/07/11 13:13:42 | 000,001,891 | ---- | C] () -- C:\Users\Boo\Desktop\Adobe Reader 9.lnk
[2011/07/11 13:13:42 | 000,001,867 | ---- | C] () -- C:\Users\Boo\Desktop\Acer Arcade.lnk
[2011/07/11 13:13:42 | 000,001,739 | ---- | C] () -- C:\Users\Boo\Desktop\DAEMON Tools Lite.lnk
[2011/07/11 13:13:42 | 000,001,698 | ---- | C] () -- C:\Users\Boo\Desktop\AIM.lnk
[2011/07/11 13:13:42 | 000,001,641 | ---- | C] () -- C:\Users\Boo\Desktop\Empowering Technology.lnk
[2011/07/11 13:13:42 | 000,001,001 | ---- | C] () -- C:\Users\Boo\Desktop\Freebies Hack Engine.lnk
[2011/07/11 13:13:42 | 000,000,953 | ---- | C] () -- C:\Users\Boo\Desktop\Game Booster.lnk
[2011/07/11 13:13:42 | 000,000,850 | ---- | C] () -- C:\Users\Boo\Desktop\Mozilla Firefox.lnk
[2011/07/11 13:13:42 | 000,000,756 | ---- | C] () -- C:\Users\Boo\Desktop\µTorrent.lnk
[2011/07/11 13:04:58 | 000,001,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk
[2011/07/11 13:04:57 | 000,001,768 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
[2011/07/11 13:04:56 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/07/11 13:04:56 | 000,001,245 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011/07/11 13:04:54 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
[2011/07/11 13:04:52 | 000,001,903 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Easy Transfer 7.lnk
[2011/07/11 13:04:50 | 000,001,757 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
[2011/07/11 13:04:45 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk
[2011/07/11 13:04:45 | 000,001,703 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk
[2011/07/11 13:04:44 | 000,001,770 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk
[2011/07/11 13:04:43 | 000,002,447 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/07/11 13:04:43 | 000,001,881 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2003.lnk
[2011/07/11 13:04:43 | 000,001,789 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2011/07/11 13:04:43 | 000,001,731 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Registration.lnk
[2011/07/11 13:04:43 | 000,001,711 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Assist.lnk
[2011/07/11 13:04:43 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/07/11 13:04:41 | 000,001,493 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
[2011/07/11 02:05:03 | 000,000,000 | ---- | C] () -- C:\install.rdf
[2011/07/10 21:19:48 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/10 20:48:35 | 000,000,874 | ---- | C] () -- C:\Users\Boo\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/07/10 20:14:44 | 000,000,256 | ---- | C] () -- C:\ProgramData\~31448824
[2011/07/10 20:14:44 | 000,000,200 | ---- | C] () -- C:\ProgramData\~31448824r
[2011/07/10 20:09:01 | 000,000,336 | ---- | C] () -- C:\ProgramData\31448824
[2011/07/06 19:44:36 | 000,001,705 | ---- | C] () -- C:\Users\Boo\Desktop\Wheel Of Fortune.lnk
[2011/07/06 15:27:58 | 000,344,064 | ---- | C] () -- C:\Users\Boo\Documents\Database2.accdb
[2011/07/06 15:27:38 | 000,348,160 | ---- | C] () -- C:\Users\Boo\Documents\Database1.accdb
[2011/07/05 15:44:18 | 000,000,537 | ---- | C] () -- C:\Users\Boo\Documents\Perfect Dark.cpf
[2011/07/05 15:44:06 | 000,000,537 | ---- | C] () -- C:\Users\Boo\Documents\Goldeneye.cpf
[2011/06/20 21:51:40 | 000,000,578 | ---- | C] () -- C:\Users\Boo\Desktop\Fraps.lnk
[2011/06/20 17:05:08 | 000,001,199 | ---- | C] () -- C:\Users\Boo\Desktop\WinX Free AVI to WMV Converter.lnk
[2011/06/20 16:54:33 | 000,000,067 | ---- | C] () -- C:\Windows\swf2avi.INI
[2011/06/20 16:54:24 | 000,758,018 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/06/20 16:54:24 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/02/21 18:08:15 | 000,004,096 | ---- | C] () -- C:\Windows\System32\drivers\nocashio.sys
[2010/11/04 17:32:02 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/08/17 16:58:29 | 000,000,113 | ---- | C] () -- C:\Windows\System32\NemuAudio08.ini
[2010/06/08 00:08:08 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/05/28 13:55:28 | 000,000,552 | ---- | C] () -- C:\Users\Boo\AppData\Local\d3d8caps.dat
[2010/03/14 18:28:24 | 000,029,696 | ---- | C] () -- C:\Users\Boo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/27 22:29:33 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI
[2010/02/27 04:02:18 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/02/26 22:43:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/02/26 22:43:16 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/02/07 01:20:10 | 000,000,396 | ---- | C] () -- C:\Windows\n02.ini
[2010/02/01 16:46:56 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2010/02/01 16:46:48 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2010/02/01 15:38:30 | 000,003,366 | ---- | C] () -- C:\Users\Boo\AppData\Roaming\wklnhst.dat
[2010/02/01 15:26:47 | 000,001,764 | ---- | C] () -- C:\Windows\kaillera.ini
[2010/02/01 14:25:26 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/02/11 20:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/02/11 20:34:48 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008/02/11 20:34:48 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008/02/11 20:34:48 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2007/07/31 11:01:29 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/07/31 09:50:23 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007/07/31 09:44:29 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/07/31 09:44:29 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/07/31 09:43:32 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007/07/31 08:07:59 | 000,000,115 | ---- | C] () -- C:\Windows\Alaunch.ini
[2007/07/31 08:07:10 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/07/31 08:07:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1280.dll
[2007/04/25 19:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/04/25 19:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/04/25 19:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/04/25 19:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/04/25 19:30:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/04/25 19:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 18:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/13 08:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin
[2006/11/02 08:53:49 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:44:53 | 000,383,664 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:33:01 | 000,610,310 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,105,858 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== LOP Check ==========
[2010/02/01 14:43:24 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\acccore
[2010/02/01 14:30:13 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\Acer
[2011/07/14 21:47:44 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\AVG10
[2011/07/07 02:48:34 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\BitTorrent
[2011/07/17 20:59:48 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010/07/05 00:03:03 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/06/09 21:36:54 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\DAEMON Tools Lite
[2010/08/29 17:35:53 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\fltk.org
[2010/08/22 00:51:45 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\gtk-2.0
[2011/07/07 02:32:42 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\IObit
[2010/02/27 21:44:18 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\iWin
[2010/02/01 14:30:02 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\Leadertech
[2010/08/24 17:30:11 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\Mael
[2010/12/23 02:45:21 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\ooVoo Details
[2010/07/03 16:44:56 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\SEGA
[2011/05/29 16:42:14 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\SoftGrid Client
[2010/02/01 15:38:33 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\Template
[2010/11/10 23:52:51 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\Tific
[2011/04/01 20:50:47 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\TP
[2011/07/19 15:14:59 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\uTorrent
[2010/07/04 23:18:35 | 000,000,000 | ---D | M] -- C:\Users\Boo\AppData\Roaming\WhiteSmokeSetup
[2011/07/18 18:49:46 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/01/01 13:29:18 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2DACE64E-2D18-4342-B58D-D61ABDCDA777}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %USERPROFILE%\..|smtmp;true;true;true /FP >
[2011/07/10 20:02:44 | 000,000,000 | ---D | M] -- C:\Users\Boo\..\Boo\AppData\Local\Temp\smtmp
[2011/07/10 20:02:44 | 000,000,000 | ---D | M] -- C:\Users\Boo\..\Boo\AppData\Local\Temp\smtmp\1
[2011/07/10 20:02:44 | 000,000,000 | ---D | M] -- C:\Users\Boo\..\Boo\AppData\Local\Temp\smtmp\2
[2011/07/10 20:02:44 | 000,000,000 | ---D | M] -- C:\Users\Boo\..\Boo\AppData\Local\Temp\smtmp\4
< MD5 for: EXPLORER.EXE >
[2010/02/03 20:31:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2010/02/03 20:31:00 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2010/02/03 20:30:57 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2010/02/03 22:14:37 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2010/02/03 22:14:36 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2010/02/03 20:31:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 05:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 03:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SVCHOST.EXE >
[2006/11/02 05:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 03:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/19 03:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USERINIT.EXE >
[2008/01/19 03:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 03:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 05:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 05:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 03:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/19 03:33:12 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/19 03:33:12 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/19 03:33:12 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/04/11 02:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/16 00:17:34 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/19 03:33:12 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/19 03:33:12 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/19 03:33:12 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/04/11 02:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation)
========== Alternate Data Streams ==========
@Alternate Data Stream - 174 bytes -> C:\ProgramData\TEMP:CF54F1CA
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:131C0EE9
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
aswMBR Log
aswMBR version 0.9.7.777 Copyright© 2011 AVAST Software
Run date: 2011-07-19 17:09:41
-----------------------------
17:09:41.127 OS Version: Windows 6.0.6002 Service Pack 2
17:09:41.127 Number of processors: 1 586 0x1601
17:09:41.128 ComputerName: BOO-PC UserName: Boo
17:10:09.883 Initialize success
17:10:33.968 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
17:10:33.972 Disk 0 Vendor: WDC_WD1600BEVS-22RST0 04.01G04 Size: 152627MB BusType: 3
17:10:34.018 Disk 0 MBR read successfully
17:10:34.023 Disk 0 MBR scan
17:10:34.029 Disk 0 unknown MBR code
17:10:34.035 Disk 0 scanning sectors +312578048
17:10:34.151 Disk 0 scanning C:\Windows\system32\drivers
17:10:43.367 Service scanning
17:10:48.573 Disk 0 trace - called modules:
17:10:48.624 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x85146f16]<<
17:10:48.624 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8512a820]
17:10:48.624 3 CLASSPNP.SYS[86dd68b3] -> nt!IofCallDriver -> [0x8500f918]
17:10:48.625 5 acpi.sys[82b886bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x84ff3230]
17:10:48.625 \Driver\atapi[0x84fc7b50] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0x85146f16
17:10:48.625 Scan finished successfully
17:11:44.753 Disk 0 MBR has been saved successfully to "C:\Users\Boo\Desktop\MBR.dat"
17:11:44.762 The log file has been saved successfully to "C:\Users\Boo\Desktop\Post.txt"
- And thank you for deciding to help me