Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop freezing after Windows Vista loads [Solved]

Started by joecool90 , Sep 28 2011 09:11 AM

  • This topic is locked This topic is locked

#1
joecool90
Posted 28 September 2011 - 09:11 AM

joecool90

    Member

  • Member
  • PipPip
  • 92 posts
Hi,

I appreciate any help that anyone can give. After being the victim of fraud transactions in my bank accounts, I was told that doing a lot of online shopping could be the cause of this. Therefore I decided to try to improve my security by downloading and running all of the software you recommend at http://www.geekstogo...e-first-place/.

However after doing this, my laptop now freezes every time I load into Windows Vista (it does boot ok before Windows opens). I have tried this a few times and get the same thing, so I am now working from safe mode). I suspect that a bit of malware that was removed previously is now preventing my laptop from loading correctly?

Very grateful for your assistance with this. I will say that I had a malware problem some years ago on a different laptop and your advice was very successful then, so hoping for more of the same this time round!

Many thanks,

Joe

OTL logfile created on: 28/09/2011 15:52:01 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ACER\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 68.57% Memory free
6.19 Gb Paging File | 5.40 Gb Available in Paging File | 87.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.44 Gb Total Space | 27.01 Gb Free Space | 24.24% Space Free | Partition Type: NTFS
Drive D: | 104.90 Gb Total Space | 19.93 Gb Free Space | 19.00% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: ACER-PC | User Name: ACER | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/28 15:50:12 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ACER\Desktop\OTL.exe
PRC - [2011/08/18 21:33:18 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/04/19 07:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/03/25 13:34:04 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/20 04:07:39 | 000,412,728 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\ppgooglenaclpluginchrome.dll
MOD - [2011/09/20 04:07:37 | 003,696,184 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\pdf.dll
MOD - [2011/09/20 04:06:11 | 000,142,568 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\avutil-51.dll
MOD - [2011/09/20 04:06:10 | 000,253,320 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\avformat-53.dll
MOD - [2011/09/20 04:06:09 | 002,403,240 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\avcodec-53.dll
MOD - [2011/09/20 01:32:41 | 006,338,720 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\gcswf32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/09/06 03:55:14 | 004,220,376 | ---- | M] (Emsi Software GmbH) [Auto | Stopped] -- C:\Program Files\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2011/09/06 03:55:10 | 000,207,936 | ---- | M] (Emsi Software GmbH) [Auto | Stopped] -- C:\Program Files\Online Armor\OAcat.exe -- (OAcat)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/18 21:33:18 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/04/19 07:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/03/25 13:34:04 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe -- (ServicepointService)
SRV - [2009/09/24 11:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\System32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2009/03/20 07:40:43 | 003,520,512 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008/07/30 02:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Stopped] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/07/21 02:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/07/19 23:13:44 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/06/02 18:25:40 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/05/26 13:43:58 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008/05/01 04:41:12 | 000,815,104 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/05/01 04:10:10 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/17 02:35:02 | 000,081,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2007/12/11 04:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/12/07 01:15:28 | 000,110,592 | ---- | M] () [Auto | Stopped] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 21:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 21:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 21:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 21:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 21:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 21:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 03:55:48 | 000,040,296 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\oahlp32.sys -- (oahlpXX)
DRV - [2011/09/06 03:55:28 | 000,029,312 | ---- | M] (Emsisoft) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OAnet.sys -- (OAnet)
DRV - [2011/09/06 03:55:28 | 000,025,192 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\Windows\System32\drivers\OAmon.sys -- (OAmon)
DRV - [2011/09/06 03:55:26 | 000,205,864 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\System32\drivers\OADriver.sys -- (OADevice)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/18 21:33:08 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/18 21:33:07 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/09/01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/03/08 10:02:58 | 000,062,496 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2009/08/21 20:24:04 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/08/05 06:18:22 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2009/03/20 07:40:39 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008/12/05 11:24:00 | 007,538,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/07/19 00:05:10 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008/05/26 13:44:14 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008/04/27 23:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2008/02/29 08:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/01/17 02:35:08 | 000,122,368 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys -- (NTIPPKernel)
DRV - [2007/01/26 07:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2006/11/02 14:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Stopped] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...9&m=aspire_8930
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...9&m=aspire_8930

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...9&m=aspire_8930
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}:5.0.12

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.15: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.16: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.15: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.16: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ACER\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ACER\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/04/19 19:10:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/28 13:03:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/14 19:17:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/16 21:40:06 | 000,000,000 | ---D | M]

[2009/10/15 19:38:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ACER\AppData\Roaming\Mozilla\Extensions
[2011/09/13 22:05:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\miz7r0fi.default\extensions
[2010/05/21 09:09:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\miz7r0fi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/09 19:10:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/09 19:10:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
[2010/05/21 09:08:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/17 07:46:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/23 09:37:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/22 22:27:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/24 23:25:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/07 08:29:08 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/03/07 08:29:08 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/03/07 08:29:08 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/03/07 08:29:08 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Service Manager (Enabled) = C:\Program Files\Virgin Media\Service Manager\nprpspa.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\

O1 HOSTS File: ([2011/09/05 14:40:48 | 000,614,259 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 16324 more lines...
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files\Online Armor\oaui.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ServiceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\VistaCodecPack\rm\Update_OB\realsched.exe" -osboot File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [workflow] F:\installs\workflow.exe File not found
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\System32\grpconv.exe (Microsoft Corporation)
O4 - Startup: C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://download.macr...are/awswaxf.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.c...oad/vexcast.cab (VodClient Control Class)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail....NPUplden-gb.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0262EFB3-8DFF-407E-AE8E-C31A44EECB26}: NameServer = 152.78.128.200 152.78.128.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FAA85B7-4C67-4C95-8036-02723AB7A771}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Acer03.JPG
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Acer03.JPG
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll (Emsi Software GmbH)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{151e913e-1797-11e0-aa20-00a0d1aeb6c4}\Shell\AutoRun\command - "" = laf\\lauski.exe
O33 - MountPoints2\{151e913e-1797-11e0-aa20-00a0d1aeb6c4}\Shell\explore\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{151e913e-1797-11e0-aa20-00a0d1aeb6c4}\Shell\open\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{4159cdbb-c851-11de-a520-00a0d1aeb6c4}\Shell\AutoRun\command - "" = laf\\lauski.exe
O33 - MountPoints2\{4159cdbb-c851-11de-a520-00a0d1aeb6c4}\Shell\explore\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{4159cdbb-c851-11de-a520-00a0d1aeb6c4}\Shell\open\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{aff71ea1-43d0-11de-949c-00a0d1aeb6c4}\Shell\AutoRun\command - "" = laf\\lauski.exe
O33 - MountPoints2\{aff71ea1-43d0-11de-949c-00a0d1aeb6c4}\Shell\explore\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{aff71ea1-43d0-11de-949c-00a0d1aeb6c4}\Shell\open\command - "" = laf\\\lauski.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/28 15:51:23 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\ACER\Desktop\OTL.exe
[2011/09/28 15:44:06 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Local\Secunia PSI
[2011/09/28 15:44:02 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011/09/28 13:03:42 | 000,320,856 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/09/28 13:03:42 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/09/28 13:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/09/28 13:03:40 | 000,442,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/09/28 13:03:40 | 000,052,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/09/28 13:03:40 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/09/28 13:03:39 | 000,054,616 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/09/28 13:03:33 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/09/28 13:03:33 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/28 13:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/09/28 13:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/28 11:17:01 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Roaming\OnlineArmor
[2011/09/28 11:17:01 | 000,000,000 | ---D | C] -- C:\ProgramData\OnlineArmor
[2011/09/28 11:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Armor
[2011/09/28 11:14:59 | 000,029,312 | ---- | C] (Emsisoft) -- C:\Windows\System32\drivers\OAnet.sys
[2011/09/28 11:14:59 | 000,025,192 | ---- | C] (Emsisoft) -- C:\Windows\System32\drivers\OAmon.sys
[2011/09/28 11:14:26 | 000,000,000 | ---D | C] -- C:\Program Files\Online Armor
[2011/09/28 11:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Agnitum
[2011/09/28 10:23:01 | 000,000,000 | ---D | C] -- C:\Users\ACER\Desktop\hosts
[2011/09/27 21:41:30 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Roaming\Malwarebytes
[2011/09/27 21:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/27 21:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/09/27 21:41:17 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/09/27 21:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/27 20:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2011/09/27 20:29:53 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/01/09 03:58:48 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2011/09/28 15:50:12 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ACER\Desktop\OTL.exe
[2011/09/28 15:44:02 | 000,000,903 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/09/28 15:38:58 | 000,001,356 | ---- | M] () -- C:\Users\ACER\AppData\Local\d3d9caps.dat
[2011/09/28 15:31:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/28 15:27:22 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{8217BE74-99C1-4656-8D51-19C27BAD773F}
[2011/09/28 15:26:53 | 000,161,436 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/09/28 15:25:25 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011/09/28 15:24:45 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/28 15:20:04 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/28 15:20:04 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/28 13:15:02 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/09/28 13:03:42 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/09/28 12:56:04 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945882338-3912884603-1135198170-1000UA.job
[2011/09/28 12:27:02 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{D66BECDD-843B-4109-93FA-57629B53F917}
[2011/09/28 12:24:31 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{D832C08B-79FB-41F8-A47E-954FB3E3AC9D}
[2011/09/28 12:21:32 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/09/28 11:52:05 | 000,026,160 | ---- | M] () -- C:\Users\ACER\Documents\Diary.odt
[2011/09/28 11:31:04 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/28 10:22:17 | 000,150,727 | ---- | M] () -- C:\Users\ACER\Desktop\hosts.zip
[2011/09/28 09:58:43 | 000,161,436 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/09/28 08:33:26 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{B8C405FE-C578-4A83-B804-D49EFAFE00E0}
[2011/09/28 08:32:52 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945882338-3912884603-1135198170-1000Core.job
[2011/09/23 08:30:18 | 000,229,888 | ---- | M] () -- C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/21 14:08:25 | 000,002,041 | ---- | M] () -- C:\Users\ACER\Desktop\Google Chrome.lnk
[2011/09/21 14:08:25 | 000,002,003 | ---- | M] () -- C:\Users\ACER\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/21 09:44:49 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/09/06 21:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/09/06 21:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/06 21:38:05 | 000,442,200 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/09/06 21:37:53 | 000,320,856 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/09/06 21:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/09/06 21:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/09/06 21:36:26 | 000,054,616 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/09/06 21:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/09/06 03:55:48 | 000,040,296 | ---- | M] () -- C:\Windows\System32\drivers\oahlp32.sys
[2011/09/06 03:55:28 | 000,029,312 | ---- | M] (Emsisoft) -- C:\Windows\System32\drivers\OAnet.sys
[2011/09/06 03:55:28 | 000,025,192 | ---- | M] (Emsisoft) -- C:\Windows\System32\drivers\OAmon.sys
[2011/09/06 03:55:26 | 000,205,864 | ---- | M] () -- C:\Windows\System32\drivers\OADriver.sys
[2011/09/05 14:40:48 | 000,614,259 | ---- | M] () -- C:\Windows\System32\drivers\etc\HOSTS
[2011/09/04 16:51:46 | 000,602,292 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/09/04 16:51:46 | 000,106,428 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2011/09/28 15:44:02 | 000,000,903 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/09/28 15:44:02 | 000,000,866 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2011/09/28 15:27:22 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{8217BE74-99C1-4656-8D51-19C27BAD773F}
[2011/09/28 13:03:42 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/09/28 12:27:02 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{D66BECDD-843B-4109-93FA-57629B53F917}
[2011/09/28 12:24:31 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{D832C08B-79FB-41F8-A47E-954FB3E3AC9D}
[2011/09/28 11:15:00 | 000,040,296 | ---- | C] () -- C:\Windows\System32\drivers\oahlp32.sys
[2011/09/28 11:14:59 | 000,205,864 | ---- | C] () -- C:\Windows\System32\drivers\OADriver.sys
[2011/09/28 10:22:24 | 000,150,727 | ---- | C] () -- C:\Users\ACER\Desktop\hosts.zip
[2011/09/28 08:33:26 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{B8C405FE-C578-4A83-B804-D49EFAFE00E0}
[2011/09/21 09:44:49 | 000,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/18 12:33:41 | 000,000,136 | ---- | C] () -- C:\Users\ACER\AppData\Roaming\wklnhst.dat
[2011/04/09 19:23:29 | 000,077,824 | R--- | C] () -- C:\Windows\System32\sasperf.dll
[2009/11/17 14:11:58 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2009/11/17 14:11:58 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2009/11/17 14:11:58 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll
[2009/11/17 14:09:04 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2009/11/17 14:09:04 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2009/10/15 19:38:36 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/05/28 21:45:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/28 21:45:21 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/04/19 02:23:51 | 000,663,552 | ---- | C] () -- C:\Windows\System32\libeay32_1-1-0_DDR.dll
[2009/04/19 02:23:51 | 000,532,594 | ---- | C] () -- C:\Windows\System32\xerces-c_1_40_0_DDR.dll
[2009/04/19 02:23:51 | 000,524,377 | ---- | C] () -- C:\Windows\System32\stlport_4_0_0_DDR.dll
[2009/04/19 02:23:51 | 000,307,329 | ---- | C] () -- C:\Windows\System32\BJBase_2-2-2_DDR.dll
[2009/04/19 02:23:51 | 000,159,744 | ---- | C] () -- C:\Windows\System32\ssleay32_1-1-0_DDR.dll
[2009/04/17 03:07:44 | 000,001,356 | ---- | C] () -- C:\Users\ACER\AppData\Local\d3d9caps.dat
[2009/04/06 21:32:16 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/04/03 17:14:56 | 000,229,888 | ---- | C] () -- C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/02 01:51:10 | 000,161,436 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/04/02 01:51:06 | 000,161,436 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/03/20 07:44:21 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009/03/20 07:44:21 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009/03/20 07:44:21 | 000,009,216 | ---- | C] () -- C:\Windows\usbvideo_reg.exe
[2009/03/20 07:44:21 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009/03/20 07:41:03 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2009/01/09 06:19:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2009/01/09 06:19:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2009/01/09 05:48:16 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009/01/09 05:33:21 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2009/01/09 05:33:21 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009/01/09 05:33:21 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009/01/09 05:31:25 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009/01/09 04:38:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/09 03:55:30 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/10/07 17:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 17:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/12/27 22:05:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007/11/15 00:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007/04/25 02:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007/03/10 12:51:48 | 000,282,624 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/02/06 01:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007/01/26 07:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,405,392 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,602,292 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,106,428 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/02/25 19:09:38 | 000,774,144 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005/01/03 11:10:44 | 000,319,488 | ---- | C] () -- C:\Windows\System32\DLXAPI32.DLL
[2001/12/27 01:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/11/14 21:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/09/04 08:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/31 01:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 07:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2010/07/13 09:09:45 | 000,000,000 | -HSD | M] -- C:\Users\ACER\AppData\Roaming\.#
[2009/04/18 20:25:48 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Acer
[2009/01/09 06:04:38 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Acer GameZone Console
[2009/05/03 14:18:58 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2009/04/15 17:28:11 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\eSobi
[2011/09/28 11:17:15 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\OnlineArmor
[2009/04/19 08:36:01 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\OpenOffice.org
[2009/04/18 20:15:49 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\PowerCinema
[2011/04/09 20:44:35 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\SAS
[2011/06/18 12:33:43 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Template
[2009/03/31 22:23:40 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Validity
[2011/04/27 08:03:33 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Virgin Media
[2011/01/18 22:26:56 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Windows Live Writer
[2011/09/28 12:21:37 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:4220A65C
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F3176E45

< End of report >

OTL Extras logfile created on: 28/09/2011 15:52:01 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ACER\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 68.57% Memory free
6.19 Gb Paging File | 5.40 Gb Available in Paging File | 87.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.44 Gb Total Space | 27.01 Gb Free Space | 24.24% Space Free | Partition Type: NTFS
Drive D: | 104.90 Gb Total Space | 19.93 Gb Free Space | 19.00% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: ACER-PC | User Name: ACER | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4C932138-7ABA-4DC6-B1C8-931942B2B06D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A8B330B6-5CFA-4B02-ABF9-C2010087E09B}" = lport=4660 | protocol=6 | dir=in | name=emule tcp port |
"{B642AB93-5EBD-48A9-9A88-26BCACB4B325}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C084BFD0-9CE2-4E33-8B94-EF64BB86DFA1}" = lport=4670 | protocol=17 | dir=in | name=emule udp port |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0068B5E0-1E5F-4E74-9043-1F366254E2EA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0E4B0DFF-5A64-4F98-B24B-C08D76F5C8A4}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{162DDE76-431C-490B-B0AD-0D10E6AA5056}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{186D5894-127F-45D7-80CD-8F72E6757A32}" = protocol=6 | dir=in | app=c:\program files\virgin media\service manager\servicepointservice.exe |
"{34384DED-06D8-4891-87AC-0B3943ECB970}" = protocol=17 | dir=in | app=c:\program files\virgin media\service manager\servicepointservice.exe |
"{35A642C6-6AD4-4515-994C-4BF217C9894C}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{390EA1AD-26AF-4C48-8E20-A8DD363881AE}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{449D8143-5A6B-48DB-99A8-9386D9E43199}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{4F5772D7-B637-483F-A036-F19F35D138F7}" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"{5D327E59-C911-491D-8330-2494F0B744E8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6A5B678B-A6A4-42E5-BAE6-159408ABD561}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{6A917AB8-30B6-4C7A-8830-C7B99149BE29}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7E926DC6-7E44-42EE-B94C-1615BE2AAF57}" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"{80768ED7-4F02-419F-85AC-5249DC98147C}" = dir=in | app=c:\program files\acer\acer vcm\vc.exe |
"{89E90B4E-0311-4F5E-9D25-A658E35D5B47}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{98CFFB4B-97A0-45EF-BB59-72B671DA33DB}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{99510553-CD61-48A0-8B2F-8BF152B4508F}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{9E5D9703-4547-4096-B256-DDEA07F2EE87}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{A75C65D8-953E-4F46-9A1C-AAB28AB5D6C3}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{AEC36D97-4D2F-4D64-BBE2-986EEA6DC15C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{BBBA3C6F-701D-4E52-A063-5B419D4F2343}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{DA548DB8-D8EB-4E89-AA34-589DE61147EA}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{DB8D0FD0-0A9B-45F4-874D-0999EB38B29D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{E2BE57FB-1AE6-4BF9-BA8B-C8FEDC8A27E7}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.5000
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{07035AB3-5C70-3315-35A9-CFFECA140880}" = BBC iPlayer Desktop
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel® PROSet/Wireless WiFi Software
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java™ 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5CCBACD2-436E-4D98-AF54-AFD2E57D394C}" = SAS Enterprise Guide 4.3
"{621025AE-3510-478E-BC27-1A647150976F}" = SPSS 16.0 for Windows
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}" = Alien Shooter
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110422467}" = Tiks Texas Hold em
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111940693}" = Bookworm Adventures
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112028410}" = Putt Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112548397}" = The Rise of Atlantis
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113848220}" = Agatha Christie Peril at End House
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113919217}" = Mythic Mahjong
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540}" = Magic Match Adventures
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114086870}" = Womens Murder Club
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227}" = Magic Farm
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D34043C-AED4-47EA-AA96-912B713B044F}" = Stata 9
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A4B0BFFE-DADB-4D00-8C8B-26B6EA87FCC5}" = SAS/IML Studio 3.3
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 3.0.6.3
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9390B82-786C-43CF-A970-D39E23EF0366}" = SAS 9.2
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1656e28ae7cb12a3498502c5526295f6" = SAS Private JRE (J2SE™ Java Runtime Environment 1.4.2_09)
"1d8476e4fcca11dab0f6f685d746a93a" = SAS/SECURE Java 9.2
"Acer Acer Bio Protection 6.0.00.15" = Acer Bio Protection

AAV 6.0.00.15
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"avast" = avast! Free Antivirus
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"BroadJump Client Foundation" = BroadJump Client Foundation
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"d512c678901db9d321c85ecf7c30ae2e" = SAS Deployment Tester - Client 1.3
"eMule" = eMule
"febb569a337f725f5f8607711f665d3b" = SAS Versioned Jar Repository 9.2
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"NVIDIA Drivers" = NVIDIA Drivers
"OnlineArmor_is1" = Online Armor 5.1
"ProInst" = Intel PROSet Wireless
"RadialpointClientGateway_is1" = Virgin Media Service Manager 3.7.47
"RealPlayer 6.0" = RealPlayer
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"SopCast" = SopCast 3.2.9
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"Veetle TV" = Veetle TV 0.9.16
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 02/08/2011 14:55:32 | Computer Name = ACER-PC | Source = WinMgmt | ID = 10
Description =

Error - 07/08/2011 09:14:24 | Computer Name = ACER-PC | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, time stamp 0x4e17bc82,
faulting module mcbrwctl.dll, version 3.3.1.133, time stamp 0x4d9f7769, exception
code 0x40000015, fault offset 0x00039c3b, process id 0xc6c, application start time
0x01cc515fe2c25f90.

Error - 12/08/2011 11:31:24 | Computer Name = ACER-PC | Source = WinMgmt | ID = 10
Description =

Error - 18/08/2011 16:20:47 | Computer Name = ACER-PC | Source = WinMgmt | ID = 10
Description =

Error - 19/08/2011 02:26:10 | Computer Name = ACER-PC | Source = WinMgmt | ID = 10
Description =

Error - 19/08/2011 03:12:07 | Computer Name = ACER-PC | Source = WinMgmt | ID = 10
Description =

Error - 19/08/2011 03:23:25 | Computer Name = ACER-PC | Source = WinMgmt | ID = 10
Description =

Error - 19/08/2011 13:04:47 | Computer Name = ACER-PC | Source = WinMgmt | ID = 10
Description =

Error - 20/08/2011 03:12:17 | Computer Name = ACER-PC | Source = WinMgmt | ID = 10
Description =

Error - 21/08/2011 05:37:53 | Computer Name = ACER-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 28/09/2011 10:25:22 | Computer Name = ACER-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 28/09/2011 10:31:14 | Computer Name = ACER-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 15:29:57 on 28/09/2011 was unexpected.

Error - 28/09/2011 10:31:29 | Computer Name = ACER-PC | Source = DCOM | ID = 10005
Description =

Error - 28/09/2011 10:31:38 | Computer Name = ACER-PC | Source = DCOM | ID = 10005
Description =

Error - 28/09/2011 10:31:43 | Computer Name = ACER-PC | Source = DCOM | ID = 10005
Description =

Error - 28/09/2011 10:31:42 | Computer Name = ACER-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 28/09/2011 10:31:52 | Computer Name = ACER-PC | Source = DCOM | ID = 10005
Description =

Error - 28/09/2011 10:32:03 | Computer Name = ACER-PC | Source = DCOM | ID = 10005
Description =

Error - 28/09/2011 10:32:36 | Computer Name = ACER-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 28/09/2011 10:32:36 | Computer Name = ACER-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0

Advertisements

#2
havredave
Posted 03 October 2011 - 03:38 PM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Hi, welcome to GeeksToGo! I'm havredave, and I'll do my best to help you fix whatever it is that ails your computer.

Just a few things before we begin, to ease the process on both of us:
  • Please don't run any scanning or cleaning software without my direction, as it can make things worse and take longer in the long run.
  • Please be patient. A good cleaning can take quite a while, and usually involves many steps before it is complete. I may not post back quickly, because I often have to research issues or run ideas by my peers for a more thorough fix. Also, I'm currently still in training, so there may be a longer than normal pause between my posts as I get expert feedback and permission to post each fix.
  • You may wish to print out each instruction post in case you lose Internet connectivity (using safe mode, for example), so you can complete the fix.
  • If you have any question on any step, or if something doesn't work as described, please stop and ask before we proceed. Better safe than sorry!
  • Please paste your logs into your replies instead of attaching them. This makes it far easier to review. Feel free to use multiple replies if you need to.
  • Please stick with me until I let you know we're finished. Even if the machine is running better, it doesn't mean it's clean.

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe file to run it. If it asks you about downloading an updated avast database, please agree to do so.

Click the "Scan" button to start scan. There's no need to change the scan type setting; just leave it where it is.
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply.
Posted Image



Also, since your scan is now a bit old, please do another OTL scan per these instructions:

  • Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Copy the text from the codeblock below (ctrl-c) and paste it (ctrl-v) into the Custom Scans/Fixes box.

    netsvcs
%SYSTEMDRIVE%\*.exe
%USERPROFILE%\..|smtmp;true;true;true /FP
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
volsnap.sys
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT
  • Put a checkmark in the Scan All Users checkbox.
  • Put checkmarks in the LOP Check and Purity Check checkboxes.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window with OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it in your topic.



In all, please respond with aswMBR.txt and OTL.txt in your next response.
  • 0

#3
joecool90
Posted 05 October 2011 - 10:50 AM

joecool90

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts
Apologies for the delay in responding, I blame my 9-5.

aswMBR.txt:


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-05 17:19:03
-----------------------------
17:19:03.961 OS Version: Windows 6.0.6002 Service Pack 2
17:19:03.961 Number of processors: 2 586 0x170A
17:19:03.961 ComputerName: ACER-PC UserName: ACER
17:19:35.989 Initialize success
17:19:36.731 AVAST engine defs: 11100201
17:19:54.218 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:19:54.221 Disk 0 Vendor: ST925082 3.AA Size: 238475MB BusType: 3
17:19:54.237 Disk 0 MBR read successfully
17:19:54.240 Disk 0 MBR scan
17:19:54.666 Disk 0 unknown MBR code
17:19:54.692 Disk 0 scanning sectors +488394752
17:19:55.554 Disk 0 scanning C:\Windows\system32\drivers
17:20:08.725 Service scanning
17:20:10.245 Modules scanning
17:20:13.684 Disk 0 trace - called modules:
17:20:13.705 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:20:13.709 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x867c4620]
17:20:13.713 3 CLASSPNP.SYS[8ab9d8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8595a028]
17:20:14.238 AVAST engine scan C:\Windows
17:20:17.589 AVAST engine scan C:\Windows\system32
17:21:39.824 AVAST engine scan C:\Windows\system32\drivers
17:21:50.284 AVAST engine scan C:\Users\ACER
17:30:13.821 AVAST engine scan C:\ProgramData
17:31:06.634 Scan finished successfully
17:34:10.083 Disk 0 MBR has been saved successfully to "C:\Users\ACER\Desktop\MBR.dat"
17:34:10.109 The log file has been saved successfully to "C:\Users\ACER\Desktop\aswMBR.txt"

otl.txt:

OTL logfile created on: 05/10/2011 17:38:26 - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ACER\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 77.78% Memory free
6.19 Gb Paging File | 5.73 Gb Available in Paging File | 92.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.44 Gb Total Space | 61.71 Gb Free Space | 55.37% Space Free | Partition Type: NTFS
Drive D: | 104.90 Gb Total Space | 84.81 Gb Free Space | 80.85% Space Free | Partition Type: NTFS

Computer Name: ACER-PC | User Name: ACER | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/28 15:50:12 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ACER\Desktop\OTL.exe
PRC - [2011/08/18 21:33:18 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/03/25 13:34:04 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/18 21:33:18 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/04/19 07:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/04/19 07:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/03/25 13:34:04 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe -- (ServicepointService)
SRV - [2009/09/24 11:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\System32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2009/03/20 07:40:43 | 003,520,512 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008/07/30 02:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Stopped] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/07/21 02:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/07/19 23:13:44 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/06/02 18:25:40 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/05/26 13:43:58 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008/05/01 04:41:12 | 000,815,104 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/05/01 04:10:10 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/11 04:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/12/07 01:15:28 | 000,110,592 | ---- | M] () [Auto | Stopped] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)


========== Driver Services (SafeList) ==========

DRV - [2011/10/01 15:49:25 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/09/06 21:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 21:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 21:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 21:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 21:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 21:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/18 21:33:08 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/18 21:33:07 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/09/01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/03/08 10:02:58 | 000,062,496 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2009/08/21 20:24:04 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/08/05 06:18:22 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2009/03/20 07:40:39 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008/12/05 11:24:00 | 007,538,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/26 13:44:14 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008/04/27 23:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2008/02/29 08:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/01/26 07:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2006/11/02 14:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Stopped] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...9&m=aspire_8930
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...9&m=aspire_8930


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-945882338-3912884603-1135198170-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...9&m=aspire_8930
IE - HKU\S-1-5-21-945882338-3912884603-1135198170-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-945882338-3912884603-1135198170-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-945882338-3912884603-1135198170-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-945882338-3912884603-1135198170-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-945882338-3912884603-1135198170-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.com/
IE - HKU\S-1-5-21-945882338-3912884603-1135198170-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-945882338-3912884603-1135198170-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}:5.0.12

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.15: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.16: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.15: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.16: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ACER\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ACER\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/04/19 19:10:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/28 13:03:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/30 13:42:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/30 13:42:44 | 000,000,000 | ---D | M]

[2009/10/15 19:38:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ACER\AppData\Roaming\Mozilla\Extensions
[2011/09/13 22:05:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\miz7r0fi.default\extensions
[2010/05/21 09:09:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\miz7r0fi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/30 13:35:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/09 19:10:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
[2010/05/21 09:08:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/17 07:46:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/23 09:37:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/22 22:27:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/24 23:25:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/20 18:08:28 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/09/20 18:08:28 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/09/20 18:08:28 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/09/20 18:08:28 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.186\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Service Manager (Enabled) = C:\Program Files\Virgin Media\Service Manager\nprpspa.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\

O1 HOSTS File: ([2011/09/05 14:40:48 | 000,614,259 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 16324 more lines...
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-945882338-3912884603-1135198170-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ServiceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\VistaCodecPack\rm\Update_OB\realsched.exe" -osboot File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [workflow] F:\installs\workflow.exe File not found
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-945882338-3912884603-1135198170-1000..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKU\S-1-5-21-945882338-3912884603-1135198170-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk = C:\Program Files\Convesoft\Orion\Messenger.exe (Convesoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://download.macr...are/awswaxf.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.c...oad/vexcast.cab (VodClient Control Class)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail....NPUplden-gb.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0262EFB3-8DFF-407E-AE8E-C31A44EECB26}: NameServer = 152.78.128.200 152.78.128.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FAA85B7-4C67-4C95-8036-02723AB7A771}: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7D875F0-2A76-4C9B-AC8A-6020B6E459CD}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Acer03.JPG
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Acer03.JPG
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{151e913e-1797-11e0-aa20-00a0d1aeb6c4}\Shell\AutoRun\command - "" = laf\\lauski.exe
O33 - MountPoints2\{151e913e-1797-11e0-aa20-00a0d1aeb6c4}\Shell\explore\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{151e913e-1797-11e0-aa20-00a0d1aeb6c4}\Shell\open\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{4159cdbb-c851-11de-a520-00a0d1aeb6c4}\Shell\AutoRun\command - "" = laf\\lauski.exe
O33 - MountPoints2\{4159cdbb-c851-11de-a520-00a0d1aeb6c4}\Shell\explore\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{4159cdbb-c851-11de-a520-00a0d1aeb6c4}\Shell\open\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{aff71ea1-43d0-11de-949c-00a0d1aeb6c4}\Shell\AutoRun\command - "" = laf\\lauski.exe
O33 - MountPoints2\{aff71ea1-43d0-11de-949c-00a0d1aeb6c4}\Shell\explore\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{aff71ea1-43d0-11de-949c-00a0d1aeb6c4}\Shell\open\command - "" = laf\\\lauski.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011/10/05 17:18:02 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\ACER\Desktop\aswMBR.exe
[2011/10/01 15:49:25 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2011/10/01 15:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\LSoft Technologies
[2011/10/01 15:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2011/09/30 13:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/09/30 13:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/09/30 13:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/09/30 13:34:11 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/09/29 18:56:05 | 000,000,000 | ---D | C] -- C:\35aecda3ee8791d0a5c7efc8c987
[2011/09/28 15:51:23 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\ACER\Desktop\OTL.exe
[2011/09/28 15:44:06 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Local\Secunia PSI
[2011/09/28 15:44:02 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011/09/28 13:03:42 | 000,320,856 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/09/28 13:03:42 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/09/28 13:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/09/28 13:03:40 | 000,442,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/09/28 13:03:40 | 000,052,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/09/28 13:03:40 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/09/28 13:03:39 | 000,054,616 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/09/28 13:03:33 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/09/28 13:03:33 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/28 13:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/09/28 13:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/28 11:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Agnitum
[2011/09/28 10:23:01 | 000,000,000 | ---D | C] -- C:\Users\ACER\Desktop\hosts
[2011/09/27 21:41:30 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Roaming\Malwarebytes
[2011/09/27 21:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/27 21:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/09/27 21:41:17 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/09/27 21:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/27 20:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2011/09/27 20:29:53 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/01/09 03:58:48 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2011/10/05 17:34:10 | 000,000,512 | ---- | M] () -- C:\Users\ACER\Desktop\MBR.dat
[2011/10/05 17:18:58 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\ACER\Desktop\aswMBR.exe
[2011/10/05 17:04:00 | 000,598,782 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/05 17:04:00 | 000,104,658 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/05 16:59:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/02 12:46:33 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{37C344E3-3ED8-427B-BC01-F3F66F99FBFD}
[2011/10/02 12:44:47 | 000,161,436 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/10/02 12:42:56 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011/10/02 12:42:21 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/02 12:42:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/02 12:42:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/02 10:32:09 | 000,031,744 | ---- | M] () -- C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/02 10:32:05 | 000,001,356 | ---- | M] () -- C:\Users\ACER\AppData\Local\d3d9caps.dat
[2011/10/01 22:27:54 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{063B1003-3EA9-4ABC-8B66-0D065E02D942}
[2011/10/01 22:05:07 | 000,001,852 | ---- | M] () -- C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk
[2011/10/01 22:04:51 | 000,002,439 | ---- | M] () -- C:\Users\Public\Desktop\Orion.lnk
[2011/10/01 21:55:58 | 000,000,000 | ---- | M] () -- C:\Windows\vpd.properties
[2011/10/01 19:43:53 | 000,405,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/10/01 12:57:44 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{901CAD3C-22C2-439D-99C3-31C4E97E4B09}
[2011/10/01 12:56:25 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945882338-3912884603-1135198170-1000UA.job
[2011/09/30 18:31:17 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/30 17:28:02 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/09/30 13:48:09 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/09/30 13:36:01 | 000,001,728 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/09/30 13:19:44 | 000,161,436 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/09/28 15:50:12 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ACER\Desktop\OTL.exe
[2011/09/28 15:44:02 | 000,000,903 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/09/28 15:27:22 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{8217BE74-99C1-4656-8D51-19C27BAD773F}
[2011/09/28 13:15:02 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/09/28 13:03:42 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/09/28 12:27:02 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{D66BECDD-843B-4109-93FA-57629B53F917}
[2011/09/28 12:24:31 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{D832C08B-79FB-41F8-A47E-954FB3E3AC9D}
[2011/09/28 10:22:17 | 000,150,727 | ---- | M] () -- C:\Users\ACER\Desktop\hosts.zip
[2011/09/28 08:33:26 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{B8C405FE-C578-4A83-B804-D49EFAFE00E0}
[2011/09/28 08:32:52 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945882338-3912884603-1135198170-1000Core.job
[2011/09/21 14:08:25 | 000,002,041 | ---- | M] () -- C:\Users\ACER\Desktop\Google Chrome.lnk
[2011/09/21 14:08:25 | 000,002,003 | ---- | M] () -- C:\Users\ACER\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/21 09:44:49 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/09/06 21:45:29 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/09/06 21:45:29 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/06 21:38:05 | 000,442,200 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/09/06 21:37:53 | 000,320,856 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/09/06 21:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/09/06 21:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/09/06 21:36:26 | 000,054,616 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/09/06 21:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

========== Files Created - No Company Name ==========

[2011/10/05 17:34:10 | 000,000,512 | ---- | C] () -- C:\Users\ACER\Desktop\MBR.dat
[2011/10/02 12:46:33 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{37C344E3-3ED8-427B-BC01-F3F66F99FBFD}
[2011/10/01 22:27:54 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{063B1003-3EA9-4ABC-8B66-0D065E02D942}
[2011/10/01 22:05:07 | 000,001,852 | ---- | C] () -- C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk
[2011/10/01 12:57:44 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{901CAD3C-22C2-439D-99C3-31C4E97E4B09}
[2011/09/30 13:36:01 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/09/28 15:44:02 | 000,000,903 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/09/28 15:44:02 | 000,000,866 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2011/09/28 15:27:22 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{8217BE74-99C1-4656-8D51-19C27BAD773F}
[2011/09/28 13:03:42 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/09/28 12:27:02 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{D66BECDD-843B-4109-93FA-57629B53F917}
[2011/09/28 12:24:31 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{D832C08B-79FB-41F8-A47E-954FB3E3AC9D}
[2011/09/28 10:22:24 | 000,150,727 | ---- | C] () -- C:\Users\ACER\Desktop\hosts.zip
[2011/09/28 08:33:26 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{B8C405FE-C578-4A83-B804-D49EFAFE00E0}
[2011/09/21 09:44:49 | 000,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/18 12:33:41 | 000,000,136 | ---- | C] () -- C:\Users\ACER\AppData\Roaming\wklnhst.dat
[2009/11/17 14:11:58 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2009/11/17 14:11:58 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2009/11/17 14:11:58 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll
[2009/11/17 14:09:04 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2009/11/17 14:09:04 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2009/10/15 19:38:36 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/05/28 21:45:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/28 21:45:21 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/04/19 02:23:51 | 000,663,552 | ---- | C] () -- C:\Windows\System32\libeay32_1-1-0_DDR.dll
[2009/04/19 02:23:51 | 000,532,594 | ---- | C] () -- C:\Windows\System32\xerces-c_1_40_0_DDR.dll
[2009/04/19 02:23:51 | 000,524,377 | ---- | C] () -- C:\Windows\System32\stlport_4_0_0_DDR.dll
[2009/04/19 02:23:51 | 000,307,329 | ---- | C] () -- C:\Windows\System32\BJBase_2-2-2_DDR.dll
[2009/04/19 02:23:51 | 000,159,744 | ---- | C] () -- C:\Windows\System32\ssleay32_1-1-0_DDR.dll
[2009/04/17 03:07:44 | 000,001,356 | ---- | C] () -- C:\Users\ACER\AppData\Local\d3d9caps.dat
[2009/04/06 21:32:16 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/04/03 17:14:56 | 000,031,744 | ---- | C] () -- C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/02 01:51:10 | 000,161,436 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/04/02 01:51:06 | 000,161,436 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/03/20 07:44:21 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009/03/20 07:44:21 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009/03/20 07:44:21 | 000,009,216 | ---- | C] () -- C:\Windows\usbvideo_reg.exe
[2009/03/20 07:44:21 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009/03/20 07:41:03 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2009/01/09 06:19:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2009/01/09 06:19:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2009/01/09 05:48:16 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009/01/09 05:33:21 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2009/01/09 05:33:21 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009/01/09 05:33:21 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009/01/09 05:31:25 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009/01/09 04:38:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/09 03:55:30 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/10/07 17:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 17:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/12/27 22:05:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007/11/15 00:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007/04/25 02:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007/03/10 12:51:48 | 000,282,624 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/02/06 01:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007/01/26 07:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,405,392 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,598,782 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,104,658 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/02/25 19:09:38 | 000,774,144 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005/01/03 11:10:44 | 000,319,488 | ---- | C] () -- C:\Windows\System32\DLXAPI32.DLL
[2001/12/27 01:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/11/14 21:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/09/04 08:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/31 01:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 07:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2010/07/13 09:09:45 | 000,000,000 | -HSD | M] -- C:\Users\ACER\AppData\Roaming\.#
[2009/04/18 20:25:48 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Acer
[2009/01/09 06:04:38 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Acer GameZone Console
[2009/05/03 14:18:58 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2009/04/15 17:28:11 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\eSobi
[2009/04/19 08:36:01 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\OpenOffice.org
[2011/04/09 20:44:35 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\SAS
[2011/06/18 12:33:43 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Template
[2009/03/31 22:23:40 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Validity
[2011/04/27 08:03:33 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Virgin Media
[2011/01/18 22:26:56 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Windows Live Writer
[2011/09/30 17:28:02 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %USERPROFILE%\..|smtmp;true;true;true /FP >


< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2006/11/02 10:51:18 | 000,208,488 | ---- | M] (Microsoft Corporation) MD5=11EF6C1CAEF76B685233450A126125D6 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys
[2009/04/11 07:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\drivers\volsnap.sys
[2009/04/11 07:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_1e6030e4\volsnap.sys
[2009/04/11 07:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6002.18005_none_17a2308cf936c619\volsnap.sys
[2008/01/21 03:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_f53a1785\volsnap.sys
[2008/01/21 03:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) MD5=D8B4A53DD2769F226B3EB374374987C9 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys

< MD5 for: WINLOGON.EXE >
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/20 19:14:25 | 000,552,456 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/20 19:14:25 | 000,552,456 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/20 19:14:25 | 000,552,456 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/20 19:14:25 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/20 19:14:25 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/20 19:14:25 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/09/20 04:07:40 | 001,030,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/09/20 04:07:40 | 001,030,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/09/20 04:07:40 | 001,030,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/09/20 04:07:40 | 001,030,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/04/18 06:56:30 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/04/18 06:56:30 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/04/18 06:56:30 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/18 06:56:31 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/18 06:56:31 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/20 19:14:25 | 000,552,456 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/20 19:14:25 | 000,552,456 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/20 19:14:25 | 000,552,456 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/20 19:14:25 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/20 19:14:25 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/20 19:14:25 | 000,912,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/09/20 04:07:40 | 001,030,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/09/20 04:07:40 | 001,030,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/09/20 04:07:40 | 001,030,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\ACER\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/09/20 04:07:40 | 001,030,200 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/04/18 06:56:30 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/04/18 06:56:30 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/04/18 06:56:30 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/18 06:56:31 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/18 06:56:31 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:4220A65C
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F3176E45

< End of report >

Thanks

Joe
  • 0

#4
havredave
Posted 05 October 2011 - 10:56 AM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Don't worry about the timing. I am on what amounts to a 9-5 as well, except that's when I CAN answer posts. :)

Your log will take me a bit to go through, as I'm not seeing right off what could be causing your computer to not boot properly, so I'll have to dig deeper. I'll try to get back to you as soon as possible.
  • 0

#5
havredave
Posted 06 October 2011 - 01:03 PM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
I have a few more things for you today:


Warning

You have evidence of a worm infection being on your computer. This worm is known to steal passwords, among other things.

If your computer was used for online banking, has credit card information or other sensitive data on it, I suggest you do the following.
  • All passwords should be changed to include those used for banking, email, eBay and forums.
    • You should consider them to be compromised.
    • They should be changed using a different computer and not the infected one.
    • If you use the infected computer, an attacker may get the new passwords and transaction information.
  • Banking and credit card institutions should be notified of the possible security breach.


I'd like to help you immunise against further infection, both to the affected machine and to other machines you might have.

To immunise your external media:
Click here to visit Panda Security, and download Panda USB Vaccine. It runs on your machine all the time once installed, and will offer to vaccinate any external media (flash drives, etc.) that you plug into it. Simply double-click the downloaded file from Panda and follow the prompts to install.



Now, a few less-critical things:

First

I see that you've installed Malwarebytes' Anti-Malware (MBAM) and some other scanning software. Have you used these to scan yet? I'd be very interested in seeing logs from at least the MBAM scans, if you have.

You should be able to find them in the following folder, which you can copy/paste into search (click start, paste into the white box with blinking cursor):

C:\Users\ACER\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

If there's more than one in there, please post the ones from after the time you got this infection.


Next

I need to peek in a folder and see what's inside. Please run OTL, and paste the following into the Custom Scans/Fixes box. Click the Quick Scan button, and let it finish; please post back with the resulting OTL.txt file.

C:\Users\ACER\AppData\Roaming\.#\*.* /s



Please post back then, with your experience immunising your external media (flash drives, etc.) in case you had trouble, your MBAM logs if any, and the OTL scan.
  • 0

#6
joecool90
Posted 08 October 2011 - 12:10 PM

joecool90

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts
Thanks for your latest email. Have notified my bank and have changed necessary passwords.

Have installed Panda, no problems found with external drives.

Malwarebytes' Anti-Malware log as requested (last log was before all my problems started).

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7888

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 9.0.8112.16421

08/10/2011 18:57:51
mbam-log-2011-10-08 (18-57-50).txt

Scan type: Quick scan
Objects scanned: 173845
Time elapsed: 4 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Latest OTL scan:

OTL logfile created on: 08/10/2011 18:59:24 - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ACER\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 65.97% Memory free
6.19 Gb Paging File | 5.37 Gb Available in Paging File | 86.69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.44 Gb Total Space | 78.57 Gb Free Space | 70.51% Space Free | Partition Type: NTFS
Drive D: | 104.90 Gb Total Space | 84.81 Gb Free Space | 80.85% Space Free | Partition Type: NTFS

Computer Name: ACER-PC | User Name: ACER | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/28 15:50:12 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ACER\Desktop\OTL.exe
PRC - [2011/08/31 17:00:48 | 001,047,208 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011/08/18 21:33:18 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/03/25 13:34:04 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/21 03:24:02 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/30 16:12:40 | 000,412,728 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.202\ppgooglenaclpluginchrome.dll
MOD - [2011/09/30 16:12:39 | 003,696,184 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
MOD - [2011/09/30 16:11:13 | 000,142,568 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.202\avutil-51.dll
MOD - [2011/09/30 16:11:12 | 000,253,320 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.202\avformat-53.dll
MOD - [2011/09/30 16:11:10 | 002,403,240 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.202\avcodec-53.dll
MOD - [2011/09/29 21:06:57 | 008,587,936 | ---- | M] () -- C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
MOD - [2008/09/16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/09/06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/18 21:33:18 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/04/19 07:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/04/19 07:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/03/25 13:34:04 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe -- (ServicepointService)
SRV - [2009/09/24 11:59:26 | 001,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) [Auto | Stopped] -- C:\Windows\System32\nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2009/03/20 07:40:43 | 003,520,512 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2008/07/30 02:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Stopped] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/07/21 02:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/07/19 23:13:44 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/06/02 18:25:40 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/05/26 13:43:58 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008/05/01 04:41:12 | 000,815,104 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/05/01 04:10:10 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/11 04:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/12/07 01:15:28 | 000,110,592 | ---- | M] () [Auto | Stopped] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)


========== Driver Services (SafeList) ==========

DRV - [2011/10/01 15:49:25 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/09/06 21:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 21:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 21:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 21:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 21:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 21:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/18 21:33:08 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/18 21:33:07 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/09/01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/03/08 10:02:58 | 000,062,496 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2009/08/21 20:24:04 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/08/05 06:18:22 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2009/03/20 07:40:39 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\system32\Drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008/12/05 11:24:00 | 007,538,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/26 13:44:14 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008/04/27 23:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2008/02/29 08:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/01/26 07:32:18 | 000,069,632 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2006/11/02 14:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Stopped] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...9&m=aspire_8930
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...9&m=aspire_8930

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...9&m=aspire_8930
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}:5.0.12

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll (Virgin Media)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.15: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.16: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.15: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.16: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ACER\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ACER\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/04/19 19:10:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/28 13:03:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/30 13:42:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/30 13:42:44 | 000,000,000 | ---D | M]

[2009/10/15 19:38:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ACER\AppData\Roaming\Mozilla\Extensions
[2011/09/13 22:05:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\miz7r0fi.default\extensions
[2010/05/21 09:09:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ACER\AppData\Roaming\Mozilla\Firefox\Profiles\miz7r0fi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/30 13:35:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/09 19:10:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
[2010/05/21 09:08:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/17 07:46:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/23 09:37:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/22 22:27:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/24 23:25:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/20 18:08:28 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/09/20 18:08:28 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/09/20 18:08:28 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/09/20 18:08:28 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Service Manager (Enabled) = C:\Program Files\Virgin Media\Service Manager\nprpspa.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\ACER\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\

O1 HOSTS File: ([2011/09/05 14:40:48 | 000,614,259 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 16324 more lines...
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ServiceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\VistaCodecPack\rm\Update_OB\realsched.exe" -osboot File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [workflow] F:\installs\workflow.exe File not found
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk = C:\Program Files\Convesoft\Orion\Messenger.exe (Convesoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://download.macr...are/awswaxf.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://www.vexcast.c...oad/vexcast.cab (VodClient Control Class)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail....NPUplden-gb.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0262EFB3-8DFF-407E-AE8E-C31A44EECB26}: NameServer = 152.78.128.200 152.78.128.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FAA85B7-4C67-4C95-8036-02723AB7A771}: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7D875F0-2A76-4C9B-AC8A-6020B6E459CD}: DhcpNameServer = 194.168.4.100 194.168.8.100
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Acer03.JPG
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Acer03.JPG
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{151e913e-1797-11e0-aa20-00a0d1aeb6c4}\Shell\AutoRun\command - "" = laf\\lauski.exe
O33 - MountPoints2\{151e913e-1797-11e0-aa20-00a0d1aeb6c4}\Shell\explore\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{151e913e-1797-11e0-aa20-00a0d1aeb6c4}\Shell\open\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{4159cdbb-c851-11de-a520-00a0d1aeb6c4}\Shell\AutoRun\command - "" = laf\\lauski.exe
O33 - MountPoints2\{4159cdbb-c851-11de-a520-00a0d1aeb6c4}\Shell\explore\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{4159cdbb-c851-11de-a520-00a0d1aeb6c4}\Shell\open\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{aff71ea1-43d0-11de-949c-00a0d1aeb6c4}\Shell\AutoRun\command - "" = laf\\lauski.exe
O33 - MountPoints2\{aff71ea1-43d0-11de-949c-00a0d1aeb6c4}\Shell\explore\command - "" = laf\\\lauski.exe
O33 - MountPoints2\{aff71ea1-43d0-11de-949c-00a0d1aeb6c4}\Shell\open\command - "" = laf\\\lauski.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/08 18:53:10 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/10/08 18:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011/10/08 18:50:08 | 000,000,000 | ---D | C] -- C:\Program Files\Panda USB Vaccine
[2011/10/08 18:50:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2011/10/05 17:18:02 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\ACER\Desktop\aswMBR.exe
[2011/10/01 15:49:25 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2011/10/01 15:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\LSoft Technologies
[2011/10/01 15:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2011/09/30 13:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/09/30 13:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/09/30 13:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/09/29 18:56:05 | 000,000,000 | ---D | C] -- C:\35aecda3ee8791d0a5c7efc8c987
[2011/09/28 15:51:23 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\ACER\Desktop\OTL.exe
[2011/09/28 15:44:06 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Local\Secunia PSI
[2011/09/28 15:44:02 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2011/09/28 13:03:42 | 000,320,856 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/09/28 13:03:42 | 000,020,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/09/28 13:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/09/28 13:03:40 | 000,442,200 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/09/28 13:03:40 | 000,052,568 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/09/28 13:03:40 | 000,034,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/09/28 13:03:39 | 000,054,616 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/09/28 13:03:33 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/09/28 13:03:33 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/09/28 13:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/09/28 13:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/28 11:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Agnitum
[2011/09/28 10:23:01 | 000,000,000 | ---D | C] -- C:\Users\ACER\Desktop\hosts
[2011/09/27 21:41:30 | 000,000,000 | ---D | C] -- C:\Users\ACER\AppData\Roaming\Malwarebytes
[2011/09/27 21:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/27 21:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/09/27 21:41:17 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/09/27 21:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/27 20:29:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2011/09/27 20:29:53 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2009/01/09 03:58:48 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2011/10/08 18:53:10 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/10/08 18:17:43 | 000,598,782 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/08 18:17:43 | 000,104,658 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/08 18:13:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/08 09:25:28 | 000,001,356 | ---- | M] () -- C:\Users\ACER\AppData\Local\d3d9caps.dat
[2011/10/08 09:25:22 | 000,046,592 | ---- | M] () -- C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/06 21:02:27 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945882338-3912884603-1135198170-1000UA.job
[2011/10/06 21:01:53 | 000,002,041 | ---- | M] () -- C:\Users\ACER\Desktop\Google Chrome.lnk
[2011/10/06 21:01:53 | 000,002,003 | ---- | M] () -- C:\Users\ACER\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/06 20:39:19 | 000,161,436 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/10/06 20:38:52 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011/10/06 20:38:19 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/06 20:38:14 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/06 20:38:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/06 20:38:09 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/05 17:34:10 | 000,000,512 | ---- | M] () -- C:\Users\ACER\Desktop\MBR.dat
[2011/10/05 17:18:58 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\ACER\Desktop\aswMBR.exe
[2011/10/02 12:46:33 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{37C344E3-3ED8-427B-BC01-F3F66F99FBFD}
[2011/10/01 22:27:54 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{063B1003-3EA9-4ABC-8B66-0D065E02D942}
[2011/10/01 22:05:07 | 000,001,852 | ---- | M] () -- C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk
[2011/10/01 22:04:51 | 000,002,439 | ---- | M] () -- C:\Users\Public\Desktop\Orion.lnk
[2011/10/01 21:55:58 | 000,000,000 | ---- | M] () -- C:\Windows\vpd.properties
[2011/10/01 19:43:53 | 000,405,392 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/10/01 12:57:44 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{901CAD3C-22C2-439D-99C3-31C4E97E4B09}
[2011/09/30 17:28:02 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/09/30 13:36:01 | 000,001,728 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/09/30 13:19:44 | 000,161,436 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/09/28 15:50:12 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ACER\Desktop\OTL.exe
[2011/09/28 15:44:02 | 000,000,903 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/09/28 15:27:22 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{8217BE74-99C1-4656-8D51-19C27BAD773F}
[2011/09/28 13:15:02 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/09/28 13:03:42 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/09/28 12:27:02 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{D66BECDD-843B-4109-93FA-57629B53F917}
[2011/09/28 12:24:31 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{D832C08B-79FB-41F8-A47E-954FB3E3AC9D}
[2011/09/28 10:22:17 | 000,150,727 | ---- | M] () -- C:\Users\ACER\Desktop\hosts.zip
[2011/09/28 08:33:26 | 000,000,000 | ---- | M] () -- C:\Users\ACER\AppData\Local\{B8C405FE-C578-4A83-B804-D49EFAFE00E0}
[2011/09/28 08:32:52 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945882338-3912884603-1135198170-1000Core.job
[2011/09/21 09:44:49 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

========== Files Created - No Company Name ==========

[2011/10/05 17:34:10 | 000,000,512 | ---- | C] () -- C:\Users\ACER\Desktop\MBR.dat
[2011/10/02 12:46:33 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{37C344E3-3ED8-427B-BC01-F3F66F99FBFD}
[2011/10/01 22:27:54 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{063B1003-3EA9-4ABC-8B66-0D065E02D942}
[2011/10/01 22:05:07 | 000,001,852 | ---- | C] () -- C:\Users\ACER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk
[2011/10/01 12:57:44 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{901CAD3C-22C2-439D-99C3-31C4E97E4B09}
[2011/09/30 13:36:01 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/09/28 15:44:02 | 000,000,903 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2011/09/28 15:44:02 | 000,000,866 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2011/09/28 15:27:22 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{8217BE74-99C1-4656-8D51-19C27BAD773F}
[2011/09/28 13:03:42 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/09/28 12:27:02 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{D66BECDD-843B-4109-93FA-57629B53F917}
[2011/09/28 12:24:31 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{D832C08B-79FB-41F8-A47E-954FB3E3AC9D}
[2011/09/28 10:22:24 | 000,150,727 | ---- | C] () -- C:\Users\ACER\Desktop\hosts.zip
[2011/09/28 08:33:26 | 000,000,000 | ---- | C] () -- C:\Users\ACER\AppData\Local\{B8C405FE-C578-4A83-B804-D49EFAFE00E0}
[2011/09/21 09:44:49 | 000,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/18 12:33:41 | 000,000,136 | ---- | C] () -- C:\Users\ACER\AppData\Roaming\wklnhst.dat
[2009/11/17 14:11:58 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2009/11/17 14:11:58 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2009/11/17 14:11:58 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll
[2009/11/17 14:09:04 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2009/11/17 14:09:04 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2009/10/15 19:38:36 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/05/28 21:45:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/28 21:45:21 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/04/19 02:23:51 | 000,663,552 | ---- | C] () -- C:\Windows\System32\libeay32_1-1-0_DDR.dll
[2009/04/19 02:23:51 | 000,532,594 | ---- | C] () -- C:\Windows\System32\xerces-c_1_40_0_DDR.dll
[2009/04/19 02:23:51 | 000,524,377 | ---- | C] () -- C:\Windows\System32\stlport_4_0_0_DDR.dll
[2009/04/19 02:23:51 | 000,307,329 | ---- | C] () -- C:\Windows\System32\BJBase_2-2-2_DDR.dll
[2009/04/19 02:23:51 | 000,159,744 | ---- | C] () -- C:\Windows\System32\ssleay32_1-1-0_DDR.dll
[2009/04/17 03:07:44 | 000,001,356 | ---- | C] () -- C:\Users\ACER\AppData\Local\d3d9caps.dat
[2009/04/06 21:32:16 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/04/03 17:14:56 | 000,046,592 | ---- | C] () -- C:\Users\ACER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/02 01:51:10 | 000,161,436 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/04/02 01:51:06 | 000,161,436 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/03/20 07:44:21 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009/03/20 07:44:21 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009/03/20 07:44:21 | 000,009,216 | ---- | C] () -- C:\Windows\usbvideo_reg.exe
[2009/03/20 07:44:21 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009/03/20 07:41:03 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2009/01/09 06:19:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2009/01/09 06:19:08 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2009/01/09 05:48:16 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009/01/09 05:33:21 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2009/01/09 05:33:21 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009/01/09 05:33:21 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009/01/09 05:31:25 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009/01/09 04:38:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/09 03:55:30 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/10/07 17:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 17:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 17:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/12/27 22:05:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007/11/15 00:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007/04/25 02:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007/03/10 12:51:48 | 000,282,624 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/02/06 01:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007/01/26 07:32:18 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,405,392 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,598,782 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,104,658 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/02/25 19:09:38 | 000,774,144 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005/01/03 11:10:44 | 000,319,488 | ---- | C] () -- C:\Windows\System32\DLXAPI32.DLL
[2001/12/27 01:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/11/14 21:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/09/04 08:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/31 01:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 07:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2010/07/13 09:09:45 | 000,000,000 | -HSD | M] -- C:\Users\ACER\AppData\Roaming\.#
[2009/04/18 20:25:48 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Acer
[2009/01/09 06:04:38 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Acer GameZone Console
[2009/05/03 14:18:58 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2009/04/15 17:28:11 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\eSobi
[2009/04/19 08:36:01 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\OpenOffice.org
[2011/04/09 20:44:35 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\SAS
[2011/06/18 12:33:43 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Template
[2009/03/31 22:23:40 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Validity
[2011/04/27 08:03:33 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Virgin Media
[2011/01/18 22:26:56 | 000,000,000 | ---D | M] -- C:\Users\ACER\AppData\Roaming\Windows Live Writer
[2011/09/30 17:28:02 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< C:\Users\ACER\AppData\Roaming\.#\*.* /s >
[2009/04/10 23:48:27 | 000,002,048 | -H-- | M] () -- C:\Users\ACER\AppData\Roaming\.#\MBX@1028@1C82990.###
[2009/04/10 23:48:27 | 000,002,048 | -H-- | M] () -- C:\Users\ACER\AppData\Roaming\.#\MBX@1028@1C829C0.###
[2009/04/10 23:48:30 | 000,002,048 | -H-- | M] () -- C:\Users\ACER\AppData\Roaming\.#\MBX@1028@1C829F0.###

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:4220A65C
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F3176E45

< End of report >
  • 0

#7
havredave
Posted 09 October 2011 - 09:23 PM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Hey, sorry I didn't post yesterday. I got completely sidetracked and forgot to log in :)

I'll get on this at around 9am MST tomorrow and see what I can see, then go from there. :yes:
  • 0

#8
havredave
Posted 10 October 2011 - 11:08 AM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Please reboot into safe mode with networking. If it locks on boot like it does in normal mode, disregard the rest of this post and let me know. Otherwise, proceed with the following:

Visit VirScan.org.

Click the Browse button near the top of the page, and paste the following into the File name box:

C:\Users\ACER\AppData\Roaming\.#\MBX@1028@1C82990.###

Click Open, then press the Upload button.

It won't take very long to upload, as the file is very small. If VirScan reports that the file has already been scanned, click the See Result button. Otherwise, press the Scan button.

When VirScan shows you a result page, please copy the URL (should be similar to http://r.virscan.org...bcd6bf135f7ef32), and paste it in your next response.

Please repeat these steps for the following additional file names:

C:\Users\ACER\AppData\Roaming\.#\MBX@1028@1C829C0.###
C:\Users\ACER\AppData\Roaming\.#\MBX@1028@1C829F0.###

  • 0

#9
joecool90
Posted 10 October 2011 - 01:52 PM

joecool90

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts
Thanks for your latest replies. Will try to look at this during the week but more realistically at the weekend.
  • 0

#10
havredave
Posted 10 October 2011 - 03:08 PM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Sounds good to me. I'll try to make a point of being around on the weekend (I'm usually not, unless I have a good reason... like your log!) to help you fix things up.

I believe you're already avoiding use of the computer since it won't get into normal mode, but just in case, I'd like to recommend you not use it much at all until we progress further. Simply using an infected machine, especially if it's online, can change the playing field drastically, making us start over.
  • 0

Advertisements

#11
joecool90
Posted 13 October 2011 - 01:25 PM

joecool90

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts
Found some time:

http://r.virscan.org...c889e2d0916f31f

http://r.virscan.org...3cdaa0081b.html

http://r.virscan.org...cc32670353.html

Seems like these found a few...!
  • 0

#12
havredave
Posted 13 October 2011 - 01:29 PM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Thanks for posting - those few hits aren't enough to call them infected. More likely they are a false positive, but I've more research to do on those!

I'll get back to you as soon as I can. Your log, with a set of oddly formed entries, opened up an interesting can of worms that I'm discussing for training purposes behind the scenes. Well, and so we can make sure your machine is clean. :)
  • 0

#13
havredave
Posted 13 October 2011 - 01:50 PM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Please run a scan with OTL
  • Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Copy the text from the codeblock below (ctrl-c) and paste it (ctrl-v) into the Custom Scans/Fixes box.

    /md5start
lauski.*
/md5stop
  • Click the None button.
  • Click the Run Scan button. The scan could take a while, depending on how many files there are on your system.
  • When the scan completes, it will open a notepad window with a new OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it in your topic.

  • 0

#14
joecool90
Posted 15 October 2011 - 04:30 AM

joecool90

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts
OTL logfile created on: 15/10/2011 10:15:37 - Run 4
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ACER\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.48 Gb Available Physical Memory | 82.77% Memory free
6.19 Gb Paging File | 5.86 Gb Available in Paging File | 94.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.44 Gb Total Space | 78.39 Gb Free Space | 70.34% Space Free | Partition Type: NTFS
Drive D: | 104.90 Gb Total Space | 84.81 Gb Free Space | 80.85% Space Free | Partition Type: NTFS

Computer Name: ACER-PC | User Name: ACER | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Custom Scans ==========



< End of report >
  • 0

#15
havredave
Posted 15 October 2011 - 11:24 AM

havredave

    GeekU Moderator

  • GeekU Moderator
  • 1,711 posts
Well, I can't say that log surprises me much. I'll get back to you, hopefully this weekend, with more. :)
  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP