Notebook backlight shutting off


  • This topic is locked

#1
Wafna

  • Member
  • 54 posts

I don't know if this is actual malware, or a hardware issue.

 

3 days ago, I shut down, and went to bed. No problems, nothing out of the ordinary. I woke up, powered up, logged in and... the back-light on my laptop's screen shut off. Reboot, and lighting is fine until after I log in, and issue repeats. I give it some time, still isn't coming back, but I manage to change the display settings enough to get the brightness as low as possible. This had the side effect of having the screen shut itself off after a period of inactivity. When the screen turned itself off (hard to tell without the back-light), something resets, and the backlight works, for a time. Sometimes as little as 30 seconds, sometimes as much as a few hours.

Today it seems to be shorter periods of time if Google Chrome is in use, though yesterday it didn't seem to matter what was being used. (So far no problems with internet using Opera.) If I try raising the screen brightness off minimum, it cuts out until the screen has turned off. At times the screen has shut off immediately after a key-stroke; hitting enter on a fb message, clicking search, etc. Temperature has crossed my mind sometimes as a possible cause, but that doesn't address why the screen shut-off resets the back-light, allowing it to work again. Currently everything is running fine (but still dim) with both Opera and Chrome running... If it's malware, is it possible the issue is time-of-day related, depending on a controller being awake, with some automated function (like the brightness setting still setting it off)?

A bit about myself: I'm running an Acer Aspire, 6920 series, on Windows Vista OS, SP2, the 32-bit version. The system page tells me I'm running an Intel Core Duo processor at 1.83GHz, with 4 gigs of RAM. She's an old kit for sure. I ran a SUPERAntiSpyware scan earlier tonight that cleared a bunch of cookies, but that was all. The Microsoft Security Essentials program ran a full scan that came back clean as well. Both programs downloaded updates before scanning. As a note, since I spotted reference to it in the OTL scan, I don't use Firefox, and I don't think I've ever had it installed... strange that it'd show up. I use the current version of uTorrent as well, so unless something is piggy-backing on that program (had an issue on an old computer with a P2P program doing that... I was seeding a couple gigs of German-dubbed Baywatch episodes for a few weeks before G2G found it), uTorrent is normal.

Anyway, thanks for any help you can give me! Always a pleasure to work with you folks.

Wafna

 

Here's the OTL readout:

OTL logfile created on: 7/16/2014 11:07:57 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 30.08% Memory free
6.18 Gb Paging File | 4.10 Gb Available in Paging File | 66.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.44 Gb Total Space | 7.39 Gb Free Space | 6.63% Space Free | Partition Type: NTFS
Drive D: | 107.90 Gb Total Space | 31.83 Gb Free Space | 29.50% Space Free | Partition Type: NTFS
Drive E: | 14.93 Gb Total Space | 9.78 Gb Free Space | 65.52% Space Free | Partition Type: FAT32
Drive G: | 931.48 Gb Total Space | 382.61 Gb Free Space | 41.08% Space Free | Partition Type: NTFS

Computer Name: WAFNAABROAD | User Name: store | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - E:\OTL.exe (OldTimer Tools)
PRC - C:\Users\store\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
PRC - C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe (Western Digital Technologies, Inc.)
PRC - C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital Technologies, Inc.)
PRC - D:\Program Files\Opera\opera.exe (Opera Software)
PRC - C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
PRC - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (Research In Motion Limited)
PRC - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
PRC - C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
PRC - C:\Program Files\Western Digital\WD Apps\WDDriveAutoUnlock.exe (Western Digital)
PRC - C:\Users\store\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
PRC - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
PRC - C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
PRC - C:\Program Files\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Memeo\AutoBackup\MemeoService.exe (Memeo)
PRC - C:\Users\store\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)


========== Modules (No Company Name) ==========

MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
MOD - D:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll ()
MOD - D:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll ()
MOD - D:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll ()
MOD - D:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll ()
MOD - D:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll ()
MOD - D:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll ()
MOD - D:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll ()
MOD - D:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll ()
MOD - D:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll ()
MOD - D:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll ()
MOD - D:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll ()
MOD - D:\Program Files\Opera\gstreamer\gstreamer.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\ce6c051500f9e64025b58921cc632f51\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\fbf434299b068c463296945c12845734\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\73726634ae4a00a21279a6a66b081301\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d17ceca243fabda73eefb21d9bd072df\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f87e71868aedbc6c4e8fe7160d17c4ab\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2b605fc7deda872727d1ed37710420e\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8e6265a54260bddfc05951e764f5bc48\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\VideoLAN\VLC\libvlccore.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\libvlc.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll ()
MOD - C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3005.0__3036420f80dd6947\Framework.Library.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3005.0__4df5dcab8860d239\Framework.Utility.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3005.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll ()
MOD - C:\Windows\System32\SysHook.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Program Files\Launch Manager\PowerUtl.dll ()


========== Services (SafeList) ==========

SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (WDBackup) -- C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe (Western Digital Technologies, Inc.)
SRV - (WDDriveService) -- C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital Technologies, Inc.)
SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (RIM MDNS) -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe (Apple Inc.)
SRV - (RIM Tunnel Service) -- C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe (Research In Motion Limited)
SRV - (BlackBerry Device Manager) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (RS_Service) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (MobilityService) -- C:\ACER\Mobility Center\MobilityService.exe ()
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (BMUService) -- C:\Program Files\Memeo\AutoBackup\MemeoService.exe (Memeo)


========== Driver Services (SafeList) ==========

DRV - (catchme) -- C:\Users\store\AppData\Local\Temp\catchme.sys File not found
DRV - (MpKslde815f6c) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4DF3AD16-12A9-4E28-992E-955313CB8A63}\MpKslde815f6c.sys (Microsoft Corporation)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (rimvndis) -- C:\Windows\System32\drivers\rimvndis6.sys (Research in Motion Limited)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (AlfaFF) -- C:\Windows\System32\drivers\AlfaFF.sys (Alfa Corporation)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (vfs101x) -- C:\Windows\System32\drivers\vfs101x.sys (Validity Sensors, Inc.)
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (DritekPortIO) -- C:\Program Files\Launch Manager\DPortIO.sys (Dritek System Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....ms}&fr=chr-acer
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2897: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2955: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1675: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\store\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\store\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\store\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\store\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\store\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\store\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\store\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\store\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\store\Program Files\DNA [2011/03/19 11:06:23 | 000,000,000 | ---D | M]

[2012/06/08 00:10:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\store\AppData\Roaming\mozilla\Firefox\extensions
[2012/06/08 00:10:54 | 000,000,000 | ---D | M] (uTorrentControl3 Community Toolbar) -- C:\Users\store\AppData\Roaming\mozilla\Firefox\extensions\{46a3135d-3683-48cf-b94c-82655cbc0e8a}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\store\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\store\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\store\AppData\Local\Google\Chrome\Application\35.0.1916.153\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\store\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\store\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\store\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\store\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\store\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\store\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\store\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\
CHR - Extension: Google Wallet = C:\Users\store\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Auto Refresh Plus = C:\Users\store\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih\2.0.6_0\
CHR - Extension: Gmail = C:\Users\store\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011/03/19 21:25:29 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RIM PeerManager] C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files\Western Digital\WD Apps\WDDriveAutoUnlock.exe (Western Digital)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\store\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\store\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - HKCU..\Run: [uTorrent] C:\Users\store\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.co...ploader_v10.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30980EAB-51C5-4D73-93CF-0E7DB106F340}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94B7C318-37E5-49C3-81D3-309B28D937FF}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - (C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll) - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: C:\Users\store\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\store\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/07/16 10:44:06 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{C5EB7389-E825-423D-B4D1-EEC59123E080}
[2014/07/15 21:27:02 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{E4C447BE-DA77-49C5-9FA0-3BFC95B323C5}
[2014/07/15 12:39:40 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\Western_Digital_Technolog
[2014/07/15 12:19:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/07/15 12:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/07/15 09:26:01 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{F9D56236-08A3-42FC-848E-1D9894B052AF}
[2014/07/14 11:18:28 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{37601E6D-9EFE-4229-AA85-C62CFC1D7D3A}
[2014/07/12 10:25:33 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{BE8D3A17-9B5A-404C-B3BC-0200E109331A}
[2014/07/11 09:54:58 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{AAEA128A-DDAF-48C9-9747-323A8D0DBC47}
[2014/07/10 21:41:17 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{E11DF586-1116-4131-93A9-53E8AFD484FF}
[2014/07/10 10:45:33 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{3E182CF3-4308-4E0F-9106-63DFE7AABE82}
[2014/07/09 09:49:24 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{8D0DFAB4-FC40-44DE-A2BE-C29EC5E89AE4}
[2014/07/08 11:00:38 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{FFA1D0BC-91F0-4055-841A-48649DF55571}
[2014/07/05 16:20:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2014/07/04 09:59:50 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{3D7CCE43-9B62-4F7B-B39A-41C61B78FA12}
[2014/07/03 21:03:14 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{A3E3DE17-23F4-4153-93C3-AF1ABF2DFD0A}
[2014/07/02 11:23:53 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{D64C77F4-F0D9-4BAB-B385-DFB42514160C}
[2014/07/02 01:34:28 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{E9D33E74-41FA-4E68-8237-84A5589B8AB9}
[2014/07/01 11:26:43 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{AED83954-44C6-468B-88E7-A2F3636103C9}
[2014/06/30 23:25:24 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{A6995780-A364-41E9-BB90-75C972D935FF}
[2014/06/29 21:48:15 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{81C9ED40-C677-4126-977A-D4DD83DE9929}
[2014/06/27 20:13:46 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{8A265139-6F68-4D71-B9BB-513D60292A7C}
[2014/06/27 16:06:18 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{C8CD4F0F-5491-4162-ABBA-0F3E2180336B}
[2014/06/26 21:23:42 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{ED90365A-3CC7-480C-B0A9-FF4D84B0A22B}
[2014/06/26 21:06:12 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{86DA0449-564E-4C72-AACC-DE4D4D57503D}
[2014/06/26 16:54:47 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{DFB098D1-7087-4AAF-869F-A41C471F5778}
[2014/06/26 06:30:44 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{865E8B46-BC87-431B-BCD6-A1D596993270}
[2014/06/25 22:30:51 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{C2E1A484-C4DA-4EB6-9CF9-C4C34897AD32}
[2014/06/25 21:24:25 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{973E4C95-0E56-4B43-8B1F-95BF1A863CB7}
[2014/06/24 22:48:07 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{716DDEDF-B18E-4BE3-980B-09027850D422}
[2014/06/24 13:38:24 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{566B9D9C-F9C3-40CF-AF15-DB938FF12DAE}
[2014/06/24 09:08:22 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{7FC182DA-B880-472E-865A-4C25230B9C48}
[2014/06/23 19:08:57 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{3EBF16D8-51A0-451E-A10A-A09DB05465F9}
[2014/06/23 16:10:45 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{4506B574-FDCC-48A0-92C9-05DEF5E885A5}
[2014/06/22 19:58:30 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{AAC03CD8-6F6F-4484-A0E1-2B893D46C382}
[2014/06/22 15:08:04 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{36DB2D5E-CFB8-4F5D-83F2-E097CE6E6CA6}
[2014/06/22 07:35:51 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{B0CD0AF4-11BB-4B9A-9760-C453B5411DC8}
[2014/06/22 06:05:51 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{C55608EC-3D0C-43B6-82D6-1CEE76E0FAD6}
[2014/06/21 15:41:22 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{C5033C67-27A8-425E-9DEB-38CCCBB695F5}
[2014/06/21 00:11:33 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{5BB31AFB-BB0B-401E-99D5-C5C2589BDEDE}
[2014/06/20 11:00:19 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{7AD413C6-6264-4B08-8CEC-C7326C35BAE4}
[2014/06/19 16:05:40 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{C4F39F2B-DB38-450A-8FB3-03F84A9F435C}
[2014/06/18 19:39:19 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{46AE0557-CADB-464E-B09D-3074B065361E}
[2014/06/18 15:08:00 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{BEE82CBF-B2FB-469B-8243-00D434CF414A}
[2014/06/18 01:22:17 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{371FDF82-DDF2-448B-A215-6D3CA326313F}
[2014/06/17 21:38:59 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{0FD8098A-5830-4C5B-8D8A-7CBE54F94859}
[2014/06/17 09:14:25 | 000,000,000 | ---D | C] -- C:\Users\store\AppData\Local\{AD03DA72-FED4-4477-930D-7A5A0D108807}

========== Files - Modified Within 30 Days ==========

[2014/07/16 23:06:40 | 000,666,576 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/07/16 23:06:40 | 000,130,124 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/07/16 23:02:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1236810605-3148777986-619718454-1000UA.job
[2014/07/16 22:42:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/16 22:41:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/16 22:41:11 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/16 21:41:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1236810605-3148777986-619718454-1000UA.job
[2014/07/16 19:43:46 | 000,195,072 | ---- | M] () -- C:\Users\store\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/07/16 19:40:47 | 000,215,980 | ---- | M] () -- C:\Users\store\Comiclist.adr
[2014/07/16 15:41:01 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1236810605-3148777986-619718454-1000Core.job
[2014/07/16 12:02:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2014/07/16 10:43:39 | 000,002,299 | ---- | M] () -- C:\Users\store\AppData\Roaming\acervcmtmp.ini
[2014/07/16 10:42:17 | 000,008,192 | ---- | M] () -- C:\Windows\System32\WDPABKP.dat
[2014/07/16 10:41:49 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/16 10:41:28 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2014/07/16 10:40:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/16 10:40:43 | 3211,190,272 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/15 01:02:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1236810605-3148777986-619718454-1000Core.job
[2014/07/11 10:12:58 | 000,000,891 | ---- | M] () -- C:\Windows\System32\bash.exe.stackdump
[2014/07/10 21:34:55 | 346,602,743 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/06/27 20:10:46 | 000,908,262 | ---- | M] () -- C:\Windows\System32\vfw-0.bmp
[2014/06/18 00:43:38 | 000,001,356 | ---- | M] () -- C:\Users\store\AppData\Local\d3d9caps.dat
[2014/06/17 09:33:22 | 000,061,958 | ---- | M] () -- C:\Users\store\Desktop\OC Hotels.jpg

========== Files Created - No Company Name ==========

[2014/07/16 19:40:47 | 000,215,980 | ---- | C] () -- C:\Users\store\Comiclist.adr
[2014/07/16 11:57:59 | 277,830,280 | ---- | C] () -- C:\Users\store\Desktop\Apartment Tour Oct. 03, 2013.mp4
[2014/07/15 12:26:33 | 000,008,192 | ---- | C] () -- C:\Windows\System32\WDPABKP.dat
[2014/07/11 10:05:50 | 000,000,891 | ---- | C] () -- C:\Windows\System32\bash.exe.stackdump
[2014/06/18 01:16:33 | 3211,190,272 | -HS- | C] () -- C:\hiberfil.sys
[2014/06/17 09:33:18 | 000,061,958 | ---- | C] () -- C:\Users\store\Desktop\OC Hotels.jpg
[2014/01/15 16:20:42 | 000,000,114 | ---- | C] () -- C:\Windows\wininit.ini
[2011/01/26 19:55:35 | 000,110,910 | ---- | C] () -- C:\Users\store\598px-Freelancer_Map.svg.png
[2010/10/08 20:00:12 | 000,025,380 | ---- | C] () -- C:\Users\store\cancer_prostate_04.jpg
[2010/09/13 18:55:29 | 000,157,028 | ---- | C] () -- C:\Users\store\opera6.adr
[2010/09/13 10:35:11 | 000,021,026 | ---- | C] () -- C:\Users\store\Comiclist1.adr
[2010/03/04 21:13:23 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/18 17:38:24 | 000,000,167 | ---- | C] () -- C:\Users\store\udownload.dat
[2009/09/17 21:25:15 | 000,065,426 | ---- | C] () -- C:\Users\store\hvdi.dll
[2009/07/08 13:37:54 | 000,001,073 | ---- | C] () -- C:\Users\store\srvgate.dll
[2009/07/02 17:49:31 | 000,002,299 | ---- | C] () -- C:\Users\store\AppData\Roaming\acervcmtmp.ini
[2009/05/08 12:50:17 | 000,001,356 | ---- | C] () -- C:\Users\store\AppData\Local\d3d9caps.dat
[2009/04/22 07:38:50 | 000,000,093 | ---- | C] () -- C:\Users\store\AppData\Local\fusioncache.dat
[2009/01/29 13:53:08 | 000,000,552 | ---- | C] () -- C:\Users\store\AppData\Local\d3d8caps.dat
[2008/12/24 15:36:59 | 000,195,072 | ---- | C] () -- C:\Users\store\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/24 11:52:04 | 000,027,043 | ---- | C] () -- C:\Users\store\AppData\Roaming\UserTile.png
[2008/05/18 23:11:50 | 000,564,287 | ---- | C] () -- C:\Users\store\AppData\Local\rogers.swf
[2008/05/18 23:11:50 | 000,000,739 | ---- | C] () -- C:\Users\store\AppData\Local\scrcfg.ini

========== ZeroAccess Check ==========

[2006/11/02 06:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 07:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/04/04 20:37:43 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\.minecraft
[2014/02/21 19:26:34 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\.mono
[2011/08/22 18:37:03 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\4470583
[2008/12/24 12:36:28 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\Acer
[2008/03/21 01:16:03 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\Acer GameZone Console
[2010/03/31 12:19:19 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\BitTorrent
[2014/02/18 18:40:01 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\calibre
[2011/04/01 20:04:43 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\crawl
[2011/03/19 11:03:13 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\DNA
[2009/06/05 21:44:05 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\eSobi
[2010/04/06 13:34:30 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\Facebook
[2012/11/15 05:26:55 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\gd.sos.McPixel
[2008/05/10 05:00:24 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\Leadertech
[2014/02/03 15:47:29 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\OpenOffice
[2010/09/26 13:23:20 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\OpenOffice.org
[2008/12/24 11:09:44 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\Opera
[2008/12/24 11:52:03 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\PeerNetworking
[2010/06/15 00:55:48 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\PopCapv1003
[2013/08/07 19:26:30 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\Research In Motion
[2014/01/19 02:21:43 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\Unity
[2014/07/16 19:42:14 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\uTorrent
[2008/05/10 05:00:22 | 000,000,000 | ---D | M] -- C:\Users\store\AppData\Roaming\Validity

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:02C1CB6D

< End of report >

