Hi,
I really need your help in removing this virus. I cant even download programmes as they disappear from where they should be saved.
Im running vista home premium, comodo firewall, avg-free.
Resident shield keeps telling me im infected with the following but wont remove them to vault or heal.
"C:\Windows\System32
\ESQULtjmrgcdhctwxrxsxnkbvqeeijwhqtnpd.dll";"Virus
identified Packed.Monder";"Infected"
"C:\Windows\System32
\ESQULtjmrgcdhctwxrxsxnkbvqeeijwhqtnpd.dll";"Virus
identified Packed.Monder";"Infected"
"C:\Windows\System32
\ESQULtjmrgcdhctwxrxsxnkbvqeeijwhqtnpd.dll";"Virus
identified Packed.Monder";"Infected"
"C:\Windows\System32
\ESQULmitbnqepwdvykvykiycesnnxhoydilln.dll";"Trojan
horse Generic14.WVC";"Infected"
"C:\Windows\System32
\ESQULtjmrgcdhctwxrxsxnkbvqeeijwhqtnpd.dll";"Virus
identified Packed.Monder";"Infected"
I transferred malwarebytes from another pc and installed it as 'run by administrator' but it wont open.
I also installed avast and ran it because it does a boot scan and it found nothing.
I managed to install hijackthis and run it, the log is as follows.
Your help in this is greatly appreciated, I dont know what we'd all do without you guys.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:27:03, on 29/08/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\temp\499854612.tmp
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Acer\Empowering Technology\eDataSecurity\x86
\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Intel\Intel Matrix Storage
Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer Arcade Deluxe\Play
Movie\PMVService.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Musicmatch\Musicmatch
Jukebox\mm_tray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Musicmatch\Musicmatch
Jukebox\MMDiag.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Steam\steam.exe
C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifie
r.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Wilma\AppData\Roaming\taskeng.exe
C:\Program Files\Philips\SA19XX\Philips Device
Manager\bin\DeviceManager.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering
Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Common
Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet
Explorer\SearchURL,(Default) =
http://uk.rd.yahoo.com/customize/ie/defaults/su/msgr9/*
http://uk.search.yahoo.com
R1 -
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-
7695ECA05670} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-
A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management -
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} -
C:\Acer\Empowering Technology\eDataSecurity\x86
\eDStoolbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-
17FE6E806AA0} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-
9B18-009027A5CD4F} - C:\Program Files\Google\Google
Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%
\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE
C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ALaunch]
C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program
Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [eDataSecurity Loader]
C:\Acer\Empowering Technology\eDataSecurity\x86
\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering
Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program
Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1
\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer
Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe
C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program
Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32
\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32
\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32
\igfxpers.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-
b109a192b4c2}] C:\Program Files\Google\Gmail
Notifier\gnotify.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program
Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8
\avgtray.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program
Files\COMODO\Firewall\cfp.exe" -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 9.0
\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1
\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program
Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program
Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program
Files\Common Files\Apple\Mobile Device
Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [PhilipsDM\SA1916] C:\Program
Files\Philips\SA19XX\Philips Device
Manager\Bin\LaunchDM.exe OS_STARTUP
O4 - HKLM\..\Run: [PKR Pal] "C:\Program
Files\PKR\pkrpal.exe" -osboot
O4 - HKLM\..\Run: [heckinternet] "C:\ProgramData\sect
soap soap.9bmmx1i"
O4 - HKLM\..\Run: [clock drv coal bird]
"C:\ProgramData\Once bib else.j8rmvvk"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [mssysfs] C:\Windows\system32\e.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
/install /silent
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program
Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-
88D8A56B10AA}] "C:\Program Files\Common
Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Steam] "c:\program
files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program
Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifie
r.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows
Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MicrosoftUpdate]
C:\Users\Wilma\AppData\Roaming\taskeng.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%
\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL
SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter]
rundll32.exe oobefldr.dll,ShowWelcomeCenter (User
'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%
\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK
SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and
Launcher.lnk = C:\Program Files\Microsoft
Office\Office12\ONENOTEM.EXE
O4 - Startup: winsys.exe.lnk = C:\Windows\System32
\winsys.exe
O4 - Global Startup: Empowering Technology Launcher.lnk
= ?
O4 - Global Startup: SETAUDIO.EXE
O4 - Global Startup: SETRES.EXE
O8 - Extra context menu item: E&xport to Microsoft
Excel - res://C:\PROGRA~1\MICROS~2\Office12
\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-
4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2
\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1
\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE
-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12
\REFIEBAR.DLL
O9 - Extra button: Party-- Look for another playground -- - {B4B52284-A248-4c51-
9F7C-F0A0C67FCC9D} -
C:\Programs\PartyGaming\Party-- Look for another playground --\RunApp.exe
O9 - Extra 'Tools' menuitem: Party-- Look for another playground -- - {B4B52284-
A248-4c51-9F7C-F0A0C67FCC9D} -
C:\Programs\PartyGaming\Party-- Look for another playground --\RunApp.exe
O9 - Extra button: Party** Game for big ones **.com - {B7FE5D70-9AA2-
40F1-9C6B-12A255F085E1} -
C:\Programs\PartyGaming\Party** Game for big ones **\RunApp.exe
O9 - Extra 'Tools' menuitem: Party** Game for big ones **.com -
{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} -
C:\Programs\PartyGaming\Party** Game for big ones **\RunApp.exe
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
(QuickTime Object) -
http://appldnld.apple.com.edgesuite.net/content.info.ap
ple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}
(Facebook Photo Uploader 5 Control) -
http://upload.facebook.com/controls/2008.10.10_v5.5.8/F
acebookPhotoUploader5.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
(MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPACl
ient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}
(get_atlcom Class) -
http://wwwimages.adobe.com/www.adobe.com/products/acrob
at/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DFB927C-5088
-492D-8084-D81C1B6107D2}: NameServer =
85.255.112.136,85.255.112.145
O17 - HKLM\System\CS1\Services\Tcpip\Parameters:
NameServer = 85.255.112.136,85.255.112.145
O17 - HKLM\System\CS2\Services\Tcpip\Parameters:
NameServer = 85.255.112.136,85.255.112.145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters:
NameServer = 85.255.112.136,85.255.112.145
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1
-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-
B719FE26E377} - C:\Program Files\Google\Google
Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: nvrtm
O23 - Service: ALaunch Service (ALaunchService) -
Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. -
C:\Program Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG
Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8
\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG
Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8
\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. -
C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Firewall Pro Helper Service
(cmdAgent) - COMODO - C:\Program
Files\COMODO\Firewall\cmdagent.exe
O23 - Service: eDataSecurity Service - Egis
Incorporated - C:\Acer\Empowering
Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc.
- C:\Acer\Empowering
Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. -
C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) -
Acer Inc. - C:\Acer\Empowering
Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) -
Unknown owner - C:\Acer\Empowering
Technology\eSettings\Service\capuserv.exe
O23 - Service: getPlusŪ Helper - NOS Microsystems
Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google
- C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: IntelŪ Matrix Storage Event Monitor
(IAANTMON) - Intel Corporation - C:\Program
Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling
Service (LightScribeService) - Hewlett-Packard Company
- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner -
C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NBService - Nero AG - C:\Program
Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program
Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS)
(RichVideo) - Unknown owner - C:\Program
Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation
- C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer -
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. -
C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12492 bytes
Full Version: trojan horse generic14.WVC
We've changed out Guidelines since you last posted in this forum.
Please follow the instructions here: Guidelines for Posting in This Forum
Note that this link is posted in the Forum Rules at the top of this page.
Please follow the instructions here: Guidelines for Posting in This Forum
Note that this link is posted in the Forum Rules at the top of this page.
First of all my sincere apologies for not realising that you have changed things since my last visit.
Below are the details you require.
MBAM - Will not run for me at all.
OTL.Txt
OTL logfile created on: 29/08/2009 17:19:23 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Wilma\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.11% Memory free
4.00 Gb Paging File | 2.70 Gb Available in Paging File | 67.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.19 Gb Total Space | 40.13 Gb Free Space | 36.09% Space Free | Partition Type: NTFS
Drive D: | 107.69 Gb Total Space | 106.52 Gb Free Space | 98.92% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 788.21 Gb Free Space | 84.62% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WILMA-PC
Current User Name: Wilma
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2008/10/29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/08/12 13:51:11 | 00,152,068 | ---- | M] () -- C:\Windows\temp\499854612.tmp
PRC - [2008/01/24 03:28:00 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2008/02/25 09:53:24 | 00,518,656 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2007/10/10 14:41:54 | 01,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2007/11/22 09:01:00 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/01/24 03:29:00 | 04,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/02 14:17:28 | 00,707,080 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2008/01/22 19:14:24 | 00,200,704 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
PRC - [2008/02/11 21:13:12 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/02/11 21:13:02 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/02/11 21:13:08 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2007/09/19 22:41:50 | 00,051,200 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2005/07/15 22:48:33 | 00,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
PRC - [2009/08/29 11:22:03 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2008/11/08 11:09:38 | 01,481,984 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cfp.exe
PRC - [2005/05/10 17:04:52 | 00,110,592 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
PRC - [2008/11/20 14:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007/06/27 20:03:40 | 00,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005/05/10 17:04:50 | 00,102,400 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
PRC - [2008/02/11 21:13:10 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/01/24 03:28:00 | 01,021,224 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2009/06/14 13:15:48 | 01,217,784 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/08 11:10:25 | 00,544,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe
PRC - [2009/05/06 19:03:45 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/01/21 03:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/02/25 09:50:10 | 00,491,008 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/02/11 21:13:06 | 00,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2008/10/25 08:18:50 | 00,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2007/10/02 00:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2009/08/12 13:53:00 | 00,055,296 | ---- | M] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
PRC - [2008/05/30 19:18:14 | 01,512,960 | ---- | M] (Koninklijke Philips Electronics N.V.) -- C:\Program Files\Philips\SA19XX\Philips Device Manager\bin\DeviceManager.exe
PRC - [2007/12/20 19:32:04 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/12/20 19:33:14 | 00,761,856 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
PRC - [2005/05/10 17:04:50 | 00,403,456 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
PRC - [2008/03/25 02:37:18 | 00,462,848 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
PRC - [2007/11/22 09:01:00 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/01/10 02:43:28 | 00,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
PRC - [2007/11/28 02:54:36 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2008/10/06 17:54:22 | 00,037,888 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Services\netservices.exe
PRC - [2007/09/06 20:02:04 | 00,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
PRC - [2007/12/04 03:58:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2008/01/24 03:29:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe
PRC - [2007/09/10 23:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/12/20 02:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/09/20 21:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2009/03/03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/03/03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2008/01/21 03:23:52 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2007/06/27 20:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2007/06/27 20:04:00 | 01,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/03/18 18:50:30 | 00,079,088 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
PRC - [2009/08/29 11:11:14 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2009/08/29 11:22:00 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/08/29 11:21:20 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/29 16:49:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2007/09/19 22:41:50 | 00,051,200 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService [Auto | Running])
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/08/29 11:21:15 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Stopped])
SRV - [2009/08/29 11:22:00 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/27 19:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/11/08 11:10:25 | 00,544,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe -- (cmdAgent [Auto | Running])
SRV - [2008/02/25 09:50:10 | 00,491,008 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service [Auto | Running])
SRV - [2008/01/21 03:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2007/10/02 00:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService [Auto | Running])
SRV - [2007/12/20 19:32:04 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service [Auto | Running])
SRV - [2007/09/10 23:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService [Auto | Running])
SRV - [2007/12/20 02:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService [Auto | Running])
SRV - [2008/01/21 03:23:49 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2008/06/20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/08/29 11:00:30 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper [On_Demand | Stopped])
SRV - [2009/05/06 19:03:44 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2007/11/22 09:01:00 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2008/06/20 02:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2007/11/28 02:54:36 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])
SRV - [2007/06/29 20:16:56 | 00,800,040 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2008/10/06 17:54:22 | 00,037,888 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Services\netservices.exe -- (NetService [Auto | Running])
SRV - [2008/06/20 02:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007/06/27 20:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 22:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/12/04 03:58:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2009/08/29 11:11:14 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Running])
SRV - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2008/01/21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
SRV - [2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2007/09/20 21:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService [Auto | Running])
SRV - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV - [2008/01/24 03:29:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])
========== Driver Services (SafeList) ==========
DRV - [2008/01/21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2009/08/29 11:21:21 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Stopped])
DRV - [2009/08/29 11:21:21 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Stopped])
DRV - [2009/05/09 10:52:39 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2008/01/24 03:29:00 | 00,179,712 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\b57nd60x.sys -- (b57nd60x [On_Demand | Stopped])
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008/11/08 11:10:22 | 00,076,280 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\cmdguard.sys -- (cmdGuard [System | Running])
DRV - [2008/11/08 11:10:22 | 00,024,568 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\cmdhlp.sys -- (cmdHlp [System | Running])
DRV - [2008/01/21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 14:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2008/01/21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/21 03:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2008/04/17 14:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/01/21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 03:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2008/01/24 03:29:00 | 00,984,064 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
DRV - [2007/11/22 09:05:00 | 00,308,248 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2008/01/21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2008/02/11 20:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Running])
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2008/11/08 11:10:23 | 00,066,552 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\inspect.sys -- (Inspect [On_Demand | Running])
DRV - [2007/07/03 18:05:20 | 00,015,392 | ---- | M] (Acer, Inc.) -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15 [Auto | Running])
DRV - [2008/01/24 03:29:00 | 01,950,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/10/09 16:42:42 | 00,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER [On_Demand | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2008/01/24 03:29:00 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/01/21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2008/01/21 03:23:20 | 02,225,664 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped])
DRV - [2007/10/31 03:36:32 | 02,252,800 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw4v32.sys -- (NETw4v32 [On_Demand | Running])
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008/03/13 19:06:41 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2008/03/11 03:11:00 | 08,240,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Stopped])
DRV - [2008/01/21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2008/01/03 12:07:24 | 00,018,480 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter [Boot | Running])
DRV - [2008/01/03 12:07:24 | 00,016,432 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDNServ.sys -- (PSDNServ [Auto | Running])
DRV - [2008/01/03 12:07:26 | 00,059,952 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDVdisk.sys -- (psdvdisk [Auto | Running])
DRV - [2005/05/10 16:04:10 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/01/21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2008/02/16 01:42:42 | 00,046,592 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007/07/30 18:42:58 | 00,043,008 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007/07/30 19:54:02 | 00,038,400 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008/01/21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2007/06/12 18:38:26 | 01,729,152 | ---- | M] () -- C:\Windows\System32\DRIVERS\snp2uvc.sys -- (SNP2UVC [On_Demand | Running])
DRV - [2007/05/02 12:12:34 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_bus.sys -- (ssm_bus [On_Demand | Stopped])
DRV - [2007/05/02 12:12:36 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_mdfl.sys -- (ssm_mdfl [On_Demand | Stopped])
DRV - [2007/05/02 12:12:36 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_mdm.sys -- (ssm_mdm [On_Demand | Stopped])
DRV - [2006/07/24 17:05:00 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2008/01/24 03:28:00 | 00,192,816 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008/01/21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/10/01 14:01:28 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
DRV - [2008/01/21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2008/01/24 03:29:00 | 00,660,480 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,043,008 | ---- | M] (Winbond Electronics Corporation) -- C:\Windows\System32\DRIVERS\winbondcir.sys -- (winbondcir [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,008,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.sys -- (XAudio [Auto | Running])
DRV - [2008/01/05 01:15:08 | 00,041,456 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/03/02 00:44:06 | 00,000,000 | ---D | M]
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [clock drv coal bird] C:\ProgramData\Once bib else.j8r File not found
O4 - HKLM..\Run: [COMODO Firewall Pro] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [heckinternet] C:\ProgramData\sect soap soap.9bm File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [mssysfs] C:\Windows\System32\e.exe File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PhilipsDM\SA1916] C:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\LaunchDM.exe (Koninklijke Philips Electronics N.V.)
O4 - HKLM..\Run: [PKR Pal] C:\Program Files\PKR\pkrpal.exe File not found
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PLFSet] C:\Windows\PLFSet.DLL ( )
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MicrosoftUpdate] C:\Users\Wilma\AppData\Roaming\taskeng.exe ()
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winsys.exe.lnk = C:\Windows\System32\winsys.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Party-- Look for another playground -- - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\Party-- Look for another playground --\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Party-- Look for another playground -- - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\Party-- Look for another playground --\RunApp.exe ()
O9 - Extra Button: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\Party** Game for big ones **\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\Party** Game for big ones **\RunApp.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: premierleague.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: top100djs.net ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.136,85.255.112.145
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (nvrtm) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-1391942858-3662076656-424549341-6232\rundll32.exe) - C:\RECYCLER\S-1-5-21-1391942858-3662076656-424549341-6232\.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk E:\
O33 - MountPoints2\{b125bd88-6adb-11de-b032-f9925058d96e}\Shell\AutoRun\command - "" = RECYCLER\usbassist.exe
O33 - MountPoints2\{b125bd88-6adb-11de-b032-f9925058d96e}\Shell\opEN\CoMmanD - "" = RECYCLER\usbassist.exe
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/08/29 17:04:20 | 00,050,688 | ---- | C] (Atribune.org) -- C:\Users\Wilma\Desktop\ATF-Cleaner.exe
[2009/08/29 17:04:11 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
[2009/08/29 17:04:00 | 00,838,360 | ---- | C] () -- C:\Users\Wilma\Desktop\SecurityCheck.exe
[2009/08/29 12:26:20 | 00,001,878 | ---- | C] () -- C:\Users\Wilma\Desktop\HijackThis.lnk
[2009/08/29 12:26:15 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/29 12:23:12 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/08/29 12:23:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/08/29 12:23:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/08/29 12:13:50 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/29 12:13:32 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/29 12:13:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/08/29 12:13:24 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/08/29 12:13:11 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/29 12:12:17 | 03,942,048 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Wilma\Desktop\mbam-setup.exe
[2009/08/28 21:29:43 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/08/17 19:55:27 | 13,195,7136 | ---- | C] () -- C:\Users\Wilma\Desktop\HannahWild_Electro_Sessions.mp3
[2009/08/13 12:51:48 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2009/08/13 11:02:26 | 00,144,384 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\cooper.mine
[2009/08/12 13:53:01 | 00,055,296 | ---- | C] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
[2009/08/12 13:51:16 | 00,000,262 | -H-- | C] () -- C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/08/12 13:50:39 | 00,000,000 | RHSD | C] -- C:\RECYCLER
[2009/08/12 13:15:25 | 21,971,599 | ---- | C] () -- C:\Users\Wilma\Desktop\02-dustin_zahn-stranger_to_stability__len_faki_podium_mix.mp3
[2009/08/06 13:12:58 | 09,199,660 | ---- | C] () -- C:\Users\Wilma\Desktop\GREEN DAY 21 GUNS.wav
[2009/08/06 13:09:45 | 02,568,809 | ---- | C] () -- C:\Users\Wilma\Desktop\catchyoutube_com.mp3
[2009/08/06 12:52:59 | 00,000,000 | ---D | C] -- C:\Users\Wilma\Documents\TubeTilla
[2009/08/06 12:47:30 | 00,000,000 | ---D | C] -- C:\Program Files\TubeTilla
[2009/08/05 14:30:37 | 16,963,036 | ---- | C] () -- C:\Users\Wilma\Desktop\Benny-My_Ten_Points_-_Federico_Milani_Rmx-Whist_Records.mp3
[2009/08/05 13:20:04 | 16,982,811 | ---- | C] () -- C:\Users\Wilma\Desktop\03-rehab-purple_lightsaber_(ahmet_sendil_remix)-(www.4clubbers.pl up by B-Max).mp3
[2009/08/05 13:07:56 | 14,903,483 | ---- | C] () -- C:\Users\Wilma\Desktop\Jorgensen vs BSD - I Don't Care (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/05 13:05:25 | 09,403,723 | ---- | C] () -- C:\Users\Wilma\Desktop\Faithless - God is a DJ (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/05 12:59:34 | 12,821,462 | ---- | C] () -- C:\Users\Wilma\Desktop\Deadmau5 aka BSOD - Game Over (Original Mix)www.4clubbers.pl.mp3
[2009/08/05 12:46:53 | 18,384,048 | ---- | C] () -- C:\Users\Wilma\Desktop\Terry Grant - Chinese Laundry (Sonny Wharton Remix) www.4clubbers.pl.mp3
[2009/08/05 12:40:42 | 15,838,160 | ---- | C] () -- C:\Users\Wilma\Desktop\Incognet-Imagine - Arty Remix [4clubbers.pl].mp3
[2009/04/25 16:02:43 | 00,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2009/04/12 13:09:34 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/01/14 12:31:30 | 00,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/10/28 22:48:15 | 00,139,008 | ---- | C] () -- C:\Windows\System32\guard32.dll
[2008/10/28 16:25:10 | 00,000,000 | ---- | C] () -- C:\Windows\winfile.ini
[2008/10/16 10:07:36 | 00,001,627 | ---- | C] () -- C:\Windows\System32\Load.ini
[2008/06/29 14:24:32 | 00,311,128 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2008/06/29 14:24:32 | 00,168,960 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/06/29 14:24:31 | 01,526,468 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2008/06/21 10:41:57 | 00,000,030 | ---- | C] () -- C:\Windows\SetPanel.ini
[2008/06/21 10:41:28 | 00,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2008/06/21 10:12:31 | 00,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2008/06/21 10:12:31 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2008/06/21 09:50:25 | 00,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/04/28 13:55:27 | 00,162,816 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2008/03/13 21:28:22 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008/03/13 19:23:17 | 00,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008/03/13 19:22:37 | 00,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2008/03/13 18:04:11 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/03/13 18:04:11 | 00,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/03/13 18:04:10 | 01,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/03/13 18:04:10 | 01,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/03/13 18:04:02 | 01,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008/03/13 18:04:02 | 00,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll
[2008/03/13 18:03:46 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/02/11 20:55:18 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:23:31 | 00,000,459 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 11:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 23:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 06:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 23:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 05:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Files - Modified Within 30 Days ==========
[2009/08/29 17:09:36 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 17:09:36 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 17:00:03 | 00,000,262 | -H-- | M] () -- C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/08/29 16:50:17 | 00,838,360 | ---- | M] () -- C:\Users\Wilma\Desktop\SecurityCheck.exe
[2009/08/29 16:49:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
[2009/08/29 16:48:54 | 00,050,688 | ---- | M] (Atribune.org) -- C:\Users\Wilma\Desktop\ATF-Cleaner.exe
[2009/08/29 12:26:20 | 00,001,878 | ---- | M] () -- C:\Users\Wilma\Desktop\HijackThis.lnk
[2009/08/29 12:13:50 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/29 11:21:58 | 40,257,360 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/08/29 11:21:58 | 00,073,369 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/08/29 11:21:21 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/08/29 11:21:21 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/08/29 11:21:21 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/08/29 11:18:28 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/29 11:18:28 | 00,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/29 11:18:28 | 00,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/29 11:09:42 | 00,000,212 | ---- | M] () -- C:\Windows\tasks\PAV.job
[2009/08/29 11:09:32 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/29 11:09:24 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/29 11:09:14 | 21,353,84064 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/28 23:04:41 | 02,925,853 | -H-- | M] () -- C:\Users\Wilma\AppData\Local\IconCache.db
[2009/08/28 22:57:27 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/08/21 12:48:00 | 00,000,504 | ---- | M] () -- C:\Users\Wilma\Documents\My Sharing Folders.lnk
[2009/08/17 19:55:33 | 13,195,7136 | ---- | M] () -- C:\Users\Wilma\Desktop\HannahWild_Electro_Sessions.mp3
[2009/08/16 09:04:54 | 03,942,048 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Wilma\Desktop\mbam-setup.exe
[2009/08/13 11:02:12 | 00,144,384 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\cooper.mine
[2009/08/12 23:25:25 | 00,297,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/08/12 13:53:00 | 00,055,296 | ---- | M] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
[2009/08/12 13:15:30 | 21,971,599 | ---- | M] () -- C:\Users\Wilma\Desktop\02-dustin_zahn-stranger_to_stability__len_faki_podium_mix.mp3
[2009/08/12 12:27:28 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2009/08/11 12:24:34 | 09,403,723 | ---- | M] () -- C:\Users\Wilma\Desktop\Faithless - God is a DJ (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/11 12:18:11 | 14,903,483 | ---- | M] () -- C:\Users\Wilma\Desktop\Jorgensen vs BSD - I Don't Care (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/06 19:00:44 | 30,378,2145 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/08/06 13:14:20 | 00,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2009/08/06 13:13:51 | 09,199,660 | ---- | M] () -- C:\Users\Wilma\Desktop\GREEN DAY 21 GUNS.wav
[2009/08/06 13:09:58 | 02,568,809 | ---- | M] () -- C:\Users\Wilma\Desktop\catchyoutube_com.mp3
[2009/08/05 14:30:38 | 16,963,036 | ---- | M] () -- C:\Users\Wilma\Desktop\Benny-My_Ten_Points_-_Federico_Milani_Rmx-Whist_Records.mp3
[2009/08/05 13:20:05 | 16,982,811 | ---- | M] () -- C:\Users\Wilma\Desktop\03-rehab-purple_lightsaber_(ahmet_sendil_remix)-(www.4clubbers.pl up by B-Max).mp3
[2009/08/05 12:59:35 | 12,821,462 | ---- | M] () -- C:\Users\Wilma\Desktop\Deadmau5 aka BSOD - Game Over (Original Mix)www.4clubbers.pl.mp3
[2009/08/05 12:46:55 | 18,384,048 | ---- | M] () -- C:\Users\Wilma\Desktop\Terry Grant - Chinese Laundry (Sonny Wharton Remix) www.4clubbers.pl.mp3
[2009/08/05 12:40:44 | 15,838,160 | ---- | M] () -- C:\Users\Wilma\Desktop\Incognet-Imagine - Arty Remix [4clubbers.pl].mp3
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
========== LOP Check ==========
[2009/08/12 13:53:01 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming
[2009/03/03 18:46:41 | 00,000,000 | -HSD | M] -- C:\Users\Wilma\AppData\Roaming\.#
[2008/11/10 14:40:13 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Ableton
[2008/03/13 18:56:26 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Acer GameZone Console
[2009/06/18 14:00:48 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Ahead
[2009/06/22 17:15:16 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\AVS4YOU
[2009/03/02 11:23:39 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\CyberLink
[2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Media Center Programs
[2008/12/23 10:21:21 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Musicmatch
[2008/12/12 13:14:38 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\NCH Software
[2008/12/11 16:18:21 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\NCH Swift Sound
[2009/01/14 12:39:19 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Samsung
[2009/04/19 21:14:26 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Sports Interactive
[2009/03/15 23:04:08 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Spotify
[2009/08/12 13:57:30 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\uTorrent
[2009/08/29 11:09:42 | 00,000,212 | ---- | M] () -- C:\Windows\Tasks\PAV.job
[2009/08/29 11:09:32 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/08/28 23:05:09 | 00,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/08/29 17:00:03 | 00,000,262 | -H-- | M] () -- C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
========== Purity Check ==========
< End of report >
Extras.Txt
OTL Extras logfile created on: 29/08/2009 17:19:23 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Wilma\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.11% Memory free
4.00 Gb Paging File | 2.70 Gb Available in Paging File | 67.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.19 Gb Total Space | 40.13 Gb Free Space | 36.09% Space Free | Partition Type: NTFS
Drive D: | 107.69 Gb Total Space | 106.52 Gb Free Space | 98.92% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 788.21 Gb Free Space | 84.62% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WILMA-PC
Current User Name: Wilma
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{232B701D-F39C-4D39-8068-70D21A1E5762}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{76BD4457-7E05-48A0-ACA7-8063E0B6FE3C}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12E58308-B6BD-4243-B022-18399429E8C8}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{33A26CA1-D20E-48B1-8009-39DBF7D59ADC}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe |
"{3B0FBD81-099D-4314-AD7A-3F4A3957A3B9}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3BB9AFE6-95EA-4D2B-8FC9-B4E0E6138F20}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{419F4AE7-FEA0-457C-A110-0CCF57166A2E}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{438A3B57-AA82-4577-8BDD-496D3EB6BD6B}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{51AE317D-CA38-483D-AC9E-4BDDE83DDAF8}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe |
"{53D0BA7B-8240-4EDE-B9E1-62410154F484}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{5580FFBB-01B1-4315-9A42-74B51FA8FE86}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{5B0C8067-2596-492B-AFE2-79CEA967C244}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe |
"{61CA596A-02B9-4C2B-A4BF-53F183C71403}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{62E8D9AB-4409-40D1-B915-276A833F63C2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2009\fm.exe |
"{72123FFE-BB08-48F2-B7AF-257B2DDBCA8D}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{73D854ED-9D9B-403C-8F4C-68EA9E1538B2}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{900F6399-E975-4771-B915-24FAC99E7C60}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9B6B1539-83A2-4A16-A434-3BE5BD7E6009}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A94AC1A7-A736-4399-AF28-087EABD7918E}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe |
"{AB3AC95F-DF44-457F-B6B0-647E5D87B776}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{ACD90F08-CDEF-40D6-ACC6-94562BA9FA54}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B2C8E215-A27F-4B0C-B2AE-E5100277EF96}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B2DA1A9C-DC76-41CC-85FB-E5E37A78DCD9}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{B948D066-090D-4853-B422-CA46B337C418}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D38193DB-D842-4DE6-BEA9-C45F0C000040}" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"{DC1DFDD6-BAC7-4A85-AC43-941722A5846F}" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"{DF47BFB4-8272-4FDB-81D3-6917A96DA10F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2009\fm.exe |
"{E47BB8AF-CC1C-43AE-A5FF-1F405554A95E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F805E485-580F-400C-A0F5-1F4ECC075017}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0BF78E88-A7C9-4406-89CF-0BA473BA7821}" = Orion
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 15
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye webcam
"{41CE9D26-2DF7-498D-8E16-314507EDEE21}" = Samsung PC Studio 3
"{427967BF-09F8-46D5-9275-37001CCBBA5D}" = Winbond CIR Drivers
"{4BCE366F-A0E0-4869-A6E2-A77CD82C8FFD}" = TubeTilla Free
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57B18739-7A22-44D7-A263-6E2A2180D3BC}" = Philips SA19XX Device Manager
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}" = Flip Words 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = MusicmatchŪ Jukebox
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = IntelŪ Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9C3C151F-75E5-4375-AD85-76645A1A001F}" = TubeTillaFree
"{A14C24F6-615B-415E-84B0-610FDAD19B68}" = MobileMe Control Panel
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"7-Zip" = 7-Zip 4.64
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG8Uninstall" = AVG Free 8.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"COMODO Firewall Pro" = COMODO Firewall Pro
"GridVista" = Acer GridVista
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live & Sponsor (CiD)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Party-- Look for another playground --" = Party-- Look for another playground --
"Party** Game for big ones **" = Party** Game for big ones **
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"ShortKeys 2" = ShortKeys 2
"Spotify" = Spotify
"Steam App 10540" = Football Manager 2009
"Switch" = Switch Sound File Converter
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = ĩTorrent
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinRAR" = WinRAR
"WinZip" = WinZip
"Yahoo! Messenger" = Yahoo! Messenger
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Checkup.Txt
Results of screen317's Security Check version 0.98.9
Windows Vista Service Pack 1
Out of date service pack!!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
AVG Free 8.5
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
COMODO Firewall Pro
Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
HijackThis 2.0.2
CCleaner (remove only)
Java™ 6 Update 15
Adobe Flash Player 10
Adobe Reader 9
``````````````````````````````
Process Check:
objlist.exe by Laurent
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgnsx.exe
Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
Empowering Technology eSettings Service capuserv.exe
``````````````````````````````
DNS Vulnerability Check:
Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)
`````````End of Log```````````
Below are the details you require.
MBAM - Will not run for me at all.
OTL.Txt
OTL logfile created on: 29/08/2009 17:19:23 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Wilma\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.11% Memory free
4.00 Gb Paging File | 2.70 Gb Available in Paging File | 67.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.19 Gb Total Space | 40.13 Gb Free Space | 36.09% Space Free | Partition Type: NTFS
Drive D: | 107.69 Gb Total Space | 106.52 Gb Free Space | 98.92% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 788.21 Gb Free Space | 84.62% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WILMA-PC
Current User Name: Wilma
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2008/10/29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/08/12 13:51:11 | 00,152,068 | ---- | M] () -- C:\Windows\temp\499854612.tmp
PRC - [2008/01/24 03:28:00 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2008/02/25 09:53:24 | 00,518,656 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2007/10/10 14:41:54 | 01,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2007/11/22 09:01:00 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/01/24 03:29:00 | 04,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/02 14:17:28 | 00,707,080 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2008/01/22 19:14:24 | 00,200,704 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
PRC - [2008/02/11 21:13:12 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/02/11 21:13:02 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/02/11 21:13:08 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2007/09/19 22:41:50 | 00,051,200 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2005/07/15 22:48:33 | 00,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
PRC - [2009/08/29 11:22:03 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2008/11/08 11:09:38 | 01,481,984 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cfp.exe
PRC - [2005/05/10 17:04:52 | 00,110,592 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
PRC - [2008/11/20 14:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007/06/27 20:03:40 | 00,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005/05/10 17:04:50 | 00,102,400 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
PRC - [2008/02/11 21:13:10 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/01/24 03:28:00 | 01,021,224 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2009/06/14 13:15:48 | 01,217,784 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/08 11:10:25 | 00,544,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe
PRC - [2009/05/06 19:03:45 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/01/21 03:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/02/25 09:50:10 | 00,491,008 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/02/11 21:13:06 | 00,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2008/10/25 08:18:50 | 00,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2007/10/02 00:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2009/08/12 13:53:00 | 00,055,296 | ---- | M] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
PRC - [2008/05/30 19:18:14 | 01,512,960 | ---- | M] (Koninklijke Philips Electronics N.V.) -- C:\Program Files\Philips\SA19XX\Philips Device Manager\bin\DeviceManager.exe
PRC - [2007/12/20 19:32:04 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/12/20 19:33:14 | 00,761,856 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
PRC - [2005/05/10 17:04:50 | 00,403,456 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
PRC - [2008/03/25 02:37:18 | 00,462,848 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
PRC - [2007/11/22 09:01:00 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/01/10 02:43:28 | 00,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
PRC - [2007/11/28 02:54:36 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2008/10/06 17:54:22 | 00,037,888 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Services\netservices.exe
PRC - [2007/09/06 20:02:04 | 00,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
PRC - [2007/12/04 03:58:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2008/01/24 03:29:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe
PRC - [2007/09/10 23:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/12/20 02:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/09/20 21:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2009/03/03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/03/03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2008/01/21 03:23:52 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2007/06/27 20:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2007/06/27 20:04:00 | 01,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/03/18 18:50:30 | 00,079,088 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
PRC - [2009/08/29 11:11:14 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2009/08/29 11:22:00 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/08/29 11:21:20 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/29 16:49:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2007/09/19 22:41:50 | 00,051,200 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService [Auto | Running])
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/08/29 11:21:15 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Stopped])
SRV - [2009/08/29 11:22:00 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/27 19:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/11/08 11:10:25 | 00,544,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe -- (cmdAgent [Auto | Running])
SRV - [2008/02/25 09:50:10 | 00,491,008 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service [Auto | Running])
SRV - [2008/01/21 03:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2007/10/02 00:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService [Auto | Running])
SRV - [2007/12/20 19:32:04 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service [Auto | Running])
SRV - [2007/09/10 23:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService [Auto | Running])
SRV - [2007/12/20 02:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService [Auto | Running])
SRV - [2008/01/21 03:23:49 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2008/06/20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/08/29 11:00:30 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper [On_Demand | Stopped])
SRV - [2009/05/06 19:03:44 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2007/11/22 09:01:00 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2008/06/20 02:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2007/11/28 02:54:36 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])
SRV - [2007/06/29 20:16:56 | 00,800,040 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2008/10/06 17:54:22 | 00,037,888 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Services\netservices.exe -- (NetService [Auto | Running])
SRV - [2008/06/20 02:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007/06/27 20:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 22:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/12/04 03:58:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2009/08/29 11:11:14 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Running])
SRV - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2008/01/21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
SRV - [2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2007/09/20 21:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService [Auto | Running])
SRV - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV - [2008/01/24 03:29:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])
========== Driver Services (SafeList) ==========
DRV - [2008/01/21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2009/08/29 11:21:21 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Stopped])
DRV - [2009/08/29 11:21:21 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Stopped])
DRV - [2009/05/09 10:52:39 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2008/01/24 03:29:00 | 00,179,712 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\b57nd60x.sys -- (b57nd60x [On_Demand | Stopped])
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008/11/08 11:10:22 | 00,076,280 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\cmdguard.sys -- (cmdGuard [System | Running])
DRV - [2008/11/08 11:10:22 | 00,024,568 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\cmdhlp.sys -- (cmdHlp [System | Running])
DRV - [2008/01/21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 14:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2008/01/21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/21 03:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2008/04/17 14:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/01/21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 03:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2008/01/24 03:29:00 | 00,984,064 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
DRV - [2007/11/22 09:05:00 | 00,308,248 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2008/01/21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2008/02/11 20:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Running])
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2008/11/08 11:10:23 | 00,066,552 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\inspect.sys -- (Inspect [On_Demand | Running])
DRV - [2007/07/03 18:05:20 | 00,015,392 | ---- | M] (Acer, Inc.) -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15 [Auto | Running])
DRV - [2008/01/24 03:29:00 | 01,950,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/10/09 16:42:42 | 00,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER [On_Demand | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2008/01/24 03:29:00 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/01/21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2008/01/21 03:23:20 | 02,225,664 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped])
DRV - [2007/10/31 03:36:32 | 02,252,800 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw4v32.sys -- (NETw4v32 [On_Demand | Running])
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008/03/13 19:06:41 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2008/03/11 03:11:00 | 08,240,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Stopped])
DRV - [2008/01/21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2008/01/03 12:07:24 | 00,018,480 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter [Boot | Running])
DRV - [2008/01/03 12:07:24 | 00,016,432 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDNServ.sys -- (PSDNServ [Auto | Running])
DRV - [2008/01/03 12:07:26 | 00,059,952 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDVdisk.sys -- (psdvdisk [Auto | Running])
DRV - [2005/05/10 16:04:10 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/01/21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2008/02/16 01:42:42 | 00,046,592 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007/07/30 18:42:58 | 00,043,008 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007/07/30 19:54:02 | 00,038,400 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008/01/21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2007/06/12 18:38:26 | 01,729,152 | ---- | M] () -- C:\Windows\System32\DRIVERS\snp2uvc.sys -- (SNP2UVC [On_Demand | Running])
DRV - [2007/05/02 12:12:34 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_bus.sys -- (ssm_bus [On_Demand | Stopped])
DRV - [2007/05/02 12:12:36 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_mdfl.sys -- (ssm_mdfl [On_Demand | Stopped])
DRV - [2007/05/02 12:12:36 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_mdm.sys -- (ssm_mdm [On_Demand | Stopped])
DRV - [2006/07/24 17:05:00 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2008/01/24 03:28:00 | 00,192,816 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008/01/21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/10/01 14:01:28 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
DRV - [2008/01/21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2008/01/24 03:29:00 | 00,660,480 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,043,008 | ---- | M] (Winbond Electronics Corporation) -- C:\Windows\System32\DRIVERS\winbondcir.sys -- (winbondcir [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,008,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.sys -- (XAudio [Auto | Running])
DRV - [2008/01/05 01:15:08 | 00,041,456 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/03/02 00:44:06 | 00,000,000 | ---D | M]
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [clock drv coal bird] C:\ProgramData\Once bib else.j8r File not found
O4 - HKLM..\Run: [COMODO Firewall Pro] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [heckinternet] C:\ProgramData\sect soap soap.9bm File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [mssysfs] C:\Windows\System32\e.exe File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PhilipsDM\SA1916] C:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\LaunchDM.exe (Koninklijke Philips Electronics N.V.)
O4 - HKLM..\Run: [PKR Pal] C:\Program Files\PKR\pkrpal.exe File not found
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PLFSet] C:\Windows\PLFSet.DLL ( )
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MicrosoftUpdate] C:\Users\Wilma\AppData\Roaming\taskeng.exe ()
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winsys.exe.lnk = C:\Windows\System32\winsys.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Party-- Look for another playground -- - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\Party-- Look for another playground --\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Party-- Look for another playground -- - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\Party-- Look for another playground --\RunApp.exe ()
O9 - Extra Button: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\Party** Game for big ones **\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\Party** Game for big ones **\RunApp.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: premierleague.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: top100djs.net ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.136,85.255.112.145
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (nvrtm) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-1391942858-3662076656-424549341-6232\rundll32.exe) - C:\RECYCLER\S-1-5-21-1391942858-3662076656-424549341-6232\.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk E:\
O33 - MountPoints2\{b125bd88-6adb-11de-b032-f9925058d96e}\Shell\AutoRun\command - "" = RECYCLER\usbassist.exe
O33 - MountPoints2\{b125bd88-6adb-11de-b032-f9925058d96e}\Shell\opEN\CoMmanD - "" = RECYCLER\usbassist.exe
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/08/29 17:04:20 | 00,050,688 | ---- | C] (Atribune.org) -- C:\Users\Wilma\Desktop\ATF-Cleaner.exe
[2009/08/29 17:04:11 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
[2009/08/29 17:04:00 | 00,838,360 | ---- | C] () -- C:\Users\Wilma\Desktop\SecurityCheck.exe
[2009/08/29 12:26:20 | 00,001,878 | ---- | C] () -- C:\Users\Wilma\Desktop\HijackThis.lnk
[2009/08/29 12:26:15 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/29 12:23:12 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/08/29 12:23:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/08/29 12:23:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/08/29 12:13:50 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/29 12:13:32 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/29 12:13:26 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/08/29 12:13:24 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/08/29 12:13:11 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/29 12:12:17 | 03,942,048 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Wilma\Desktop\mbam-setup.exe
[2009/08/28 21:29:43 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/08/17 19:55:27 | 13,195,7136 | ---- | C] () -- C:\Users\Wilma\Desktop\HannahWild_Electro_Sessions.mp3
[2009/08/13 12:51:48 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2009/08/13 11:02:26 | 00,144,384 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\cooper.mine
[2009/08/12 13:53:01 | 00,055,296 | ---- | C] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
[2009/08/12 13:51:16 | 00,000,262 | -H-- | C] () -- C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/08/12 13:50:39 | 00,000,000 | RHSD | C] -- C:\RECYCLER
[2009/08/12 13:15:25 | 21,971,599 | ---- | C] () -- C:\Users\Wilma\Desktop\02-dustin_zahn-stranger_to_stability__len_faki_podium_mix.mp3
[2009/08/06 13:12:58 | 09,199,660 | ---- | C] () -- C:\Users\Wilma\Desktop\GREEN DAY 21 GUNS.wav
[2009/08/06 13:09:45 | 02,568,809 | ---- | C] () -- C:\Users\Wilma\Desktop\catchyoutube_com.mp3
[2009/08/06 12:52:59 | 00,000,000 | ---D | C] -- C:\Users\Wilma\Documents\TubeTilla
[2009/08/06 12:47:30 | 00,000,000 | ---D | C] -- C:\Program Files\TubeTilla
[2009/08/05 14:30:37 | 16,963,036 | ---- | C] () -- C:\Users\Wilma\Desktop\Benny-My_Ten_Points_-_Federico_Milani_Rmx-Whist_Records.mp3
[2009/08/05 13:20:04 | 16,982,811 | ---- | C] () -- C:\Users\Wilma\Desktop\03-rehab-purple_lightsaber_(ahmet_sendil_remix)-(www.4clubbers.pl up by B-Max).mp3
[2009/08/05 13:07:56 | 14,903,483 | ---- | C] () -- C:\Users\Wilma\Desktop\Jorgensen vs BSD - I Don't Care (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/05 13:05:25 | 09,403,723 | ---- | C] () -- C:\Users\Wilma\Desktop\Faithless - God is a DJ (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/05 12:59:34 | 12,821,462 | ---- | C] () -- C:\Users\Wilma\Desktop\Deadmau5 aka BSOD - Game Over (Original Mix)www.4clubbers.pl.mp3
[2009/08/05 12:46:53 | 18,384,048 | ---- | C] () -- C:\Users\Wilma\Desktop\Terry Grant - Chinese Laundry (Sonny Wharton Remix) www.4clubbers.pl.mp3
[2009/08/05 12:40:42 | 15,838,160 | ---- | C] () -- C:\Users\Wilma\Desktop\Incognet-Imagine - Arty Remix [4clubbers.pl].mp3
[2009/04/25 16:02:43 | 00,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2009/04/12 13:09:34 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/01/14 12:31:30 | 00,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/10/28 22:48:15 | 00,139,008 | ---- | C] () -- C:\Windows\System32\guard32.dll
[2008/10/28 16:25:10 | 00,000,000 | ---- | C] () -- C:\Windows\winfile.ini
[2008/10/16 10:07:36 | 00,001,627 | ---- | C] () -- C:\Windows\System32\Load.ini
[2008/06/29 14:24:32 | 00,311,128 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2008/06/29 14:24:32 | 00,168,960 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/06/29 14:24:31 | 01,526,468 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2008/06/21 10:41:57 | 00,000,030 | ---- | C] () -- C:\Windows\SetPanel.ini
[2008/06/21 10:41:28 | 00,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2008/06/21 10:12:31 | 00,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2008/06/21 10:12:31 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2008/06/21 09:50:25 | 00,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/04/28 13:55:27 | 00,162,816 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2008/03/13 21:28:22 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008/03/13 19:23:17 | 00,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008/03/13 19:22:37 | 00,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2008/03/13 18:04:11 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/03/13 18:04:11 | 00,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/03/13 18:04:10 | 01,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/03/13 18:04:10 | 01,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/03/13 18:04:02 | 01,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008/03/13 18:04:02 | 00,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll
[2008/03/13 18:03:46 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/02/11 20:55:18 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:23:31 | 00,000,459 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 11:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 23:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 06:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 23:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 05:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Files - Modified Within 30 Days ==========
[2009/08/29 17:09:36 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 17:09:36 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 17:00:03 | 00,000,262 | -H-- | M] () -- C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/08/29 16:50:17 | 00,838,360 | ---- | M] () -- C:\Users\Wilma\Desktop\SecurityCheck.exe
[2009/08/29 16:49:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
[2009/08/29 16:48:54 | 00,050,688 | ---- | M] (Atribune.org) -- C:\Users\Wilma\Desktop\ATF-Cleaner.exe
[2009/08/29 12:26:20 | 00,001,878 | ---- | M] () -- C:\Users\Wilma\Desktop\HijackThis.lnk
[2009/08/29 12:13:50 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/29 11:21:58 | 40,257,360 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/08/29 11:21:58 | 00,073,369 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/08/29 11:21:21 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/08/29 11:21:21 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/08/29 11:21:21 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/08/29 11:18:28 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/29 11:18:28 | 00,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/29 11:18:28 | 00,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/29 11:09:42 | 00,000,212 | ---- | M] () -- C:\Windows\tasks\PAV.job
[2009/08/29 11:09:32 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/29 11:09:24 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/29 11:09:14 | 21,353,84064 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/28 23:04:41 | 02,925,853 | -H-- | M] () -- C:\Users\Wilma\AppData\Local\IconCache.db
[2009/08/28 22:57:27 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/08/21 12:48:00 | 00,000,504 | ---- | M] () -- C:\Users\Wilma\Documents\My Sharing Folders.lnk
[2009/08/17 19:55:33 | 13,195,7136 | ---- | M] () -- C:\Users\Wilma\Desktop\HannahWild_Electro_Sessions.mp3
[2009/08/16 09:04:54 | 03,942,048 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Wilma\Desktop\mbam-setup.exe
[2009/08/13 11:02:12 | 00,144,384 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\cooper.mine
[2009/08/12 23:25:25 | 00,297,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/08/12 13:53:00 | 00,055,296 | ---- | M] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
[2009/08/12 13:15:30 | 21,971,599 | ---- | M] () -- C:\Users\Wilma\Desktop\02-dustin_zahn-stranger_to_stability__len_faki_podium_mix.mp3
[2009/08/12 12:27:28 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2009/08/11 12:24:34 | 09,403,723 | ---- | M] () -- C:\Users\Wilma\Desktop\Faithless - God is a DJ (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/11 12:18:11 | 14,903,483 | ---- | M] () -- C:\Users\Wilma\Desktop\Jorgensen vs BSD - I Don't Care (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/06 19:00:44 | 30,378,2145 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/08/06 13:14:20 | 00,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2009/08/06 13:13:51 | 09,199,660 | ---- | M] () -- C:\Users\Wilma\Desktop\GREEN DAY 21 GUNS.wav
[2009/08/06 13:09:58 | 02,568,809 | ---- | M] () -- C:\Users\Wilma\Desktop\catchyoutube_com.mp3
[2009/08/05 14:30:38 | 16,963,036 | ---- | M] () -- C:\Users\Wilma\Desktop\Benny-My_Ten_Points_-_Federico_Milani_Rmx-Whist_Records.mp3
[2009/08/05 13:20:05 | 16,982,811 | ---- | M] () -- C:\Users\Wilma\Desktop\03-rehab-purple_lightsaber_(ahmet_sendil_remix)-(www.4clubbers.pl up by B-Max).mp3
[2009/08/05 12:59:35 | 12,821,462 | ---- | M] () -- C:\Users\Wilma\Desktop\Deadmau5 aka BSOD - Game Over (Original Mix)www.4clubbers.pl.mp3
[2009/08/05 12:46:55 | 18,384,048 | ---- | M] () -- C:\Users\Wilma\Desktop\Terry Grant - Chinese Laundry (Sonny Wharton Remix) www.4clubbers.pl.mp3
[2009/08/05 12:40:44 | 15,838,160 | ---- | M] () -- C:\Users\Wilma\Desktop\Incognet-Imagine - Arty Remix [4clubbers.pl].mp3
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
========== LOP Check ==========
[2009/08/12 13:53:01 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming
[2009/03/03 18:46:41 | 00,000,000 | -HSD | M] -- C:\Users\Wilma\AppData\Roaming\.#
[2008/11/10 14:40:13 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Ableton
[2008/03/13 18:56:26 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Acer GameZone Console
[2009/06/18 14:00:48 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Ahead
[2009/06/22 17:15:16 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\AVS4YOU
[2009/03/02 11:23:39 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\CyberLink
[2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Media Center Programs
[2008/12/23 10:21:21 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Musicmatch
[2008/12/12 13:14:38 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\NCH Software
[2008/12/11 16:18:21 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\NCH Swift Sound
[2009/01/14 12:39:19 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Samsung
[2009/04/19 21:14:26 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Sports Interactive
[2009/03/15 23:04:08 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Spotify
[2009/08/12 13:57:30 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\uTorrent
[2009/08/29 11:09:42 | 00,000,212 | ---- | M] () -- C:\Windows\Tasks\PAV.job
[2009/08/29 11:09:32 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/08/28 23:05:09 | 00,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/08/29 17:00:03 | 00,000,262 | -H-- | M] () -- C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
========== Purity Check ==========
< End of report >
Extras.Txt
OTL Extras logfile created on: 29/08/2009 17:19:23 - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Wilma\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.11% Memory free
4.00 Gb Paging File | 2.70 Gb Available in Paging File | 67.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.19 Gb Total Space | 40.13 Gb Free Space | 36.09% Space Free | Partition Type: NTFS
Drive D: | 107.69 Gb Total Space | 106.52 Gb Free Space | 98.92% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 788.21 Gb Free Space | 84.62% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WILMA-PC
Current User Name: Wilma
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{232B701D-F39C-4D39-8068-70D21A1E5762}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{76BD4457-7E05-48A0-ACA7-8063E0B6FE3C}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12E58308-B6BD-4243-B022-18399429E8C8}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{33A26CA1-D20E-48B1-8009-39DBF7D59ADC}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe |
"{3B0FBD81-099D-4314-AD7A-3F4A3957A3B9}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3BB9AFE6-95EA-4D2B-8FC9-B4E0E6138F20}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{419F4AE7-FEA0-457C-A110-0CCF57166A2E}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{438A3B57-AA82-4577-8BDD-496D3EB6BD6B}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{51AE317D-CA38-483D-AC9E-4BDDE83DDAF8}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe |
"{53D0BA7B-8240-4EDE-B9E1-62410154F484}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{5580FFBB-01B1-4315-9A42-74B51FA8FE86}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{5B0C8067-2596-492B-AFE2-79CEA967C244}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe |
"{61CA596A-02B9-4C2B-A4BF-53F183C71403}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{62E8D9AB-4409-40D1-B915-276A833F63C2}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2009\fm.exe |
"{72123FFE-BB08-48F2-B7AF-257B2DDBCA8D}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{73D854ED-9D9B-403C-8F4C-68EA9E1538B2}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{900F6399-E975-4771-B915-24FAC99E7C60}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9B6B1539-83A2-4A16-A434-3BE5BD7E6009}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A94AC1A7-A736-4399-AF28-087EABD7918E}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe |
"{AB3AC95F-DF44-457F-B6B0-647E5D87B776}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{ACD90F08-CDEF-40D6-ACC6-94562BA9FA54}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B2C8E215-A27F-4B0C-B2AE-E5100277EF96}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B2DA1A9C-DC76-41CC-85FB-E5E37A78DCD9}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{B948D066-090D-4853-B422-CA46B337C418}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D38193DB-D842-4DE6-BEA9-C45F0C000040}" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"{DC1DFDD6-BAC7-4A85-AC43-941722A5846F}" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"{DF47BFB4-8272-4FDB-81D3-6917A96DA10F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2009\fm.exe |
"{E47BB8AF-CC1C-43AE-A5FF-1F405554A95E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F805E485-580F-400C-A0F5-1F4ECC075017}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0BF78E88-A7C9-4406-89CF-0BA473BA7821}" = Orion
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 15
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye webcam
"{41CE9D26-2DF7-498D-8E16-314507EDEE21}" = Samsung PC Studio 3
"{427967BF-09F8-46D5-9275-37001CCBBA5D}" = Winbond CIR Drivers
"{4BCE366F-A0E0-4869-A6E2-A77CD82C8FFD}" = TubeTilla Free
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57B18739-7A22-44D7-A263-6E2A2180D3BC}" = Philips SA19XX Device Manager
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}" = Flip Words 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = MusicmatchŪ Jukebox
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = IntelŪ Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9C3C151F-75E5-4375-AD85-76645A1A001F}" = TubeTillaFree
"{A14C24F6-615B-415E-84B0-610FDAD19B68}" = MobileMe Control Panel
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"7-Zip" = 7-Zip 4.64
"Acer GameZone Console_is1" = Acer GameZone Console 2.0.1.1
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG8Uninstall" = AVG Free 8.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"COMODO Firewall Pro" = COMODO Firewall Pro
"GridVista" = Acer GridVista
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live & Sponsor (CiD)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Party-- Look for another playground --" = Party-- Look for another playground --
"Party** Game for big ones **" = Party** Game for big ones **
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"ShortKeys 2" = ShortKeys 2
"Spotify" = Spotify
"Steam App 10540" = Football Manager 2009
"Switch" = Switch Sound File Converter
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = ĩTorrent
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinRAR" = WinRAR
"WinZip" = WinZip
"Yahoo! Messenger" = Yahoo! Messenger
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Checkup.Txt
Results of screen317's Security Check version 0.98.9
Windows Vista Service Pack 1
Out of date service pack!!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
AVG Free 8.5
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
COMODO Firewall Pro
Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
HijackThis 2.0.2
CCleaner (remove only)
Java™ 6 Update 15
Adobe Flash Player 10
Adobe Reader 9
``````````````````````````````
Process Check:
objlist.exe by Laurent
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgnsx.exe
Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
Empowering Technology eSettings Service capuserv.exe
``````````````````````````````
DNS Vulnerability Check:
Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)
`````````End of Log```````````
First:
Run OTL.exe
Second:
Rename the MBAM executable to a name of youre choosing, then see if it will run.
Run OTL.exe
- Under the Custom Scans/Fixes box at the bottom, paste in the followingCODE:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - HKLM..\Run: [clock drv coal bird] C:\ProgramData\Once bib else.j8r File not found
O4 - HKLM..\Run: [mssysfs] C:\Windows\System32\e.exe File not found
:Services
:Reg
:Files
C:\Windows\temp\499854612.tmp
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot] - Then click the Run Fix button at the top
- Let the program run unhindered, reboot when it is done
- Then post a new OTL2 log
Second:
Rename the MBAM executable to a name of youre choosing, then see if it will run.
I done as you requested and new log is below.
I uninstalled MBAM and renamed it. It installs but wont run.
OTL logfile created on: 29/08/2009 21:24:34 - Run 2
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Wilma\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 52.04% Memory free
4.00 Gb Paging File | 2.90 Gb Available in Paging File | 72.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.19 Gb Total Space | 40.15 Gb Free Space | 36.11% Space Free | Partition Type: NTFS
Drive D: | 107.69 Gb Total Space | 106.52 Gb Free Space | 98.92% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WILMA-PC
Current User Name: Wilma
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2008/10/29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2008/01/24 03:28:00 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2008/02/25 09:53:24 | 00,518,656 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2007/10/10 14:41:54 | 01,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2007/11/22 09:01:00 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/01/24 03:29:00 | 04,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/02 14:17:28 | 00,707,080 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2008/01/22 19:14:24 | 00,200,704 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
PRC - [2008/02/11 21:13:12 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/02/11 21:13:02 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/02/11 21:13:08 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2005/07/15 22:48:33 | 00,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
PRC - [2009/08/29 11:22:03 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2005/05/10 17:04:52 | 00,110,592 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
PRC - [2008/11/20 14:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2007/06/27 20:03:40 | 00,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2009/05/06 19:03:45 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/01/21 03:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/10/25 08:18:50 | 00,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/01/24 03:28:00 | 01,021,224 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2005/05/10 17:04:50 | 00,102,400 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
PRC - [2007/09/19 22:41:50 | 00,051,200 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2008/02/11 21:13:10 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2009/08/12 13:53:00 | 00,055,296 | ---- | M] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
PRC - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/29 11:22:00 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2009/08/29 11:21:21 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/29 11:21:20 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2008/11/08 11:10:25 | 00,544,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe
PRC - [2008/02/25 09:50:10 | 00,491,008 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2007/10/02 00:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007/12/20 19:32:04 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2008/02/11 21:13:06 | 00,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2007/12/20 19:33:14 | 00,761,856 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
PRC - [2008/03/25 02:37:18 | 00,462,848 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
PRC - [2008/01/10 02:43:28 | 00,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
PRC - [2008/05/30 19:18:14 | 01,512,960 | ---- | M] (Koninklijke Philips Electronics N.V.) -- C:\Program Files\Philips\SA19XX\Philips Device Manager\bin\DeviceManager.exe
PRC - [2007/11/22 09:01:00 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007/09/06 20:02:04 | 00,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
PRC - [2007/11/28 02:54:36 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2008/10/06 17:54:22 | 00,037,888 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Services\netservices.exe
PRC - [2005/05/10 17:04:50 | 00,403,456 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
PRC - [2007/12/04 03:58:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2008/01/24 03:29:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe
PRC - [2009/08/29 11:21:15 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2007/09/10 23:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/12/20 02:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2009/08/29 11:22:08 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2007/09/20 21:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2009/03/03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/03/03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2008/01/21 03:23:52 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2007/06/27 20:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/06/27 20:04:00 | 01,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2009/08/29 21:10:07 | 00,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Wilma\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009/03/18 18:50:30 | 00,079,088 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
PRC - [2008/01/21 03:23:52 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/08/29 16:49:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2007/09/19 22:41:50 | 00,051,200 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService [Auto | Running])
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/08/29 11:21:15 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/08/29 11:22:00 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/27 19:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/11/08 11:10:25 | 00,544,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe -- (cmdAgent [Auto | Running])
SRV - [2008/02/25 09:50:10 | 00,491,008 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service [Auto | Running])
SRV - [2008/01/21 03:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2007/10/02 00:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService [Auto | Running])
SRV - [2007/12/20 19:32:04 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service [Auto | Running])
SRV - [2007/09/10 23:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService [Auto | Running])
SRV - [2007/12/20 02:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService [Auto | Running])
SRV - [2008/01/21 03:23:49 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2008/06/20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/08/29 11:00:30 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper [On_Demand | Stopped])
SRV - [2009/05/06 19:03:44 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2007/11/22 09:01:00 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2008/06/20 02:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2007/11/28 02:54:36 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])
SRV - [2007/06/29 20:16:56 | 00,800,040 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2008/10/06 17:54:22 | 00,037,888 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Services\netservices.exe -- (NetService [Auto | Running])
SRV - [2008/06/20 02:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007/06/27 20:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 22:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/12/04 03:58:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2009/08/29 20:49:48 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Stopped])
SRV - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2008/01/21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
SRV - [2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2007/09/20 21:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService [Auto | Running])
SRV - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV - [2008/01/24 03:29:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])
========== Driver Services (SafeList) ==========
DRV - [2008/01/21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2009/08/29 11:21:21 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/08/29 11:21:21 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/05/09 10:52:39 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2008/01/24 03:29:00 | 00,179,712 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\b57nd60x.sys -- (b57nd60x [On_Demand | Stopped])
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008/11/08 11:10:22 | 00,076,280 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\cmdguard.sys -- (cmdGuard [System | Running])
DRV - [2008/11/08 11:10:22 | 00,024,568 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\cmdhlp.sys -- (cmdHlp [System | Running])
DRV - [2008/01/21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 14:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2008/01/21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/21 03:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2008/04/17 14:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/01/21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 03:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2008/01/24 03:29:00 | 00,984,064 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
DRV - [2007/11/22 09:05:00 | 00,308,248 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2008/01/21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2008/02/11 20:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Running])
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2008/11/08 11:10:23 | 00,066,552 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\inspect.sys -- (Inspect [On_Demand | Running])
DRV - [2007/07/03 18:05:20 | 00,015,392 | ---- | M] (Acer, Inc.) -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15 [Auto | Running])
DRV - [2008/01/24 03:29:00 | 01,950,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/10/09 16:42:42 | 00,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER [On_Demand | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2008/01/24 03:29:00 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/01/21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2008/01/21 03:23:20 | 02,225,664 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped])
DRV - [2007/10/31 03:36:32 | 02,252,800 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw4v32.sys -- (NETw4v32 [On_Demand | Running])
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008/03/13 19:06:41 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2008/03/11 03:11:00 | 08,240,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Stopped])
DRV - [2008/01/21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2008/01/03 12:07:24 | 00,018,480 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter [Boot | Running])
DRV - [2008/01/03 12:07:24 | 00,016,432 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDNServ.sys -- (PSDNServ [Auto | Running])
DRV - [2008/01/03 12:07:26 | 00,059,952 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDVdisk.sys -- (psdvdisk [Auto | Running])
DRV - [2005/05/10 16:04:10 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/01/21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2008/02/16 01:42:42 | 00,046,592 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007/07/30 18:42:58 | 00,043,008 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007/07/30 19:54:02 | 00,038,400 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008/01/21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2007/06/12 18:38:26 | 01,729,152 | ---- | M] () -- C:\Windows\System32\DRIVERS\snp2uvc.sys -- (SNP2UVC [On_Demand | Running])
DRV - [2007/05/02 12:12:34 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_bus.sys -- (ssm_bus [On_Demand | Stopped])
DRV - [2007/05/02 12:12:36 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_mdfl.sys -- (ssm_mdfl [On_Demand | Stopped])
DRV - [2007/05/02 12:12:36 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_mdm.sys -- (ssm_mdm [On_Demand | Stopped])
DRV - [2006/07/24 17:05:00 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2008/01/24 03:28:00 | 00,192,816 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008/01/21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/10/01 14:01:28 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
DRV - [2008/01/21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2008/01/24 03:29:00 | 00,660,480 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,043,008 | ---- | M] (Winbond Electronics Corporation) -- C:\Windows\System32\DRIVERS\winbondcir.sys -- (winbondcir [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,008,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.sys -- (XAudio [Auto | Running])
DRV - [2008/01/05 01:15:08 | 00,041,456 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/03/02 00:44:06 | 00,000,000 | ---D | M]
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [COMODO Firewall Pro] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [heckinternet] C:\ProgramData\sect soap soap.9bm File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PhilipsDM\SA1916] C:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\LaunchDM.exe (Koninklijke Philips Electronics N.V.)
O4 - HKLM..\Run: [PKR Pal] C:\Program Files\PKR\pkrpal.exe File not found
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PLFSet] C:\Windows\PLFSet.DLL ( )
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MicrosoftUpdate] C:\Users\Wilma\AppData\Roaming\taskeng.exe ()
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winsys.exe.lnk = C:\Windows\System32\winsys.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Party-- Look for another playground -- - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\Party-- Look for another playground --\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Party-- Look for another playground -- - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\Party-- Look for another playground --\RunApp.exe ()
O9 - Extra Button: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\Party** Game for big ones **\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\Party** Game for big ones **\RunApp.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: premierleague.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: top100djs.net ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.136,85.255.112.145
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (nvrtm) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-1391942858-3662076656-424549341-6232\rundll32.exe) - C:\RECYCLER\S-1-5-21-1391942858-3662076656-424549341-6232\.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{b125bd88-6adb-11de-b032-f9925058d96e}\Shell\AutoRun\command - "" = E:\RECYCLER\usbassist.exe -- File not found
O33 - MountPoints2\{b125bd88-6adb-11de-b032-f9925058d96e}\Shell\opEN\CoMmanD - "" = E:\RECYCLER\usbassist.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/08/29 21:23:14 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/29 21:23:11 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/29 21:23:08 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/08/29 21:23:08 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/08/29 21:23:08 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/29 20:55:33 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/08/29 20:49:02 | 00,000,000 | -H-D | C] -- C:\Users\Wilma\AppData\Local\acer eNM
[2009/08/29 17:17:50 | 00,000,230 | ---- | C] () -- C:\Users\Wilma\Desktop\Gladiator Security Forum - HELP! Think you are Infected.url
[2009/08/29 17:04:20 | 00,050,688 | ---- | C] (Atribune.org) -- C:\Users\Wilma\Desktop\ATF-Cleaner.exe
[2009/08/29 17:04:11 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
[2009/08/29 17:04:00 | 00,838,360 | ---- | C] () -- C:\Users\Wilma\Desktop\SecurityCheck.exe
[2009/08/29 12:26:20 | 00,001,878 | ---- | C] () -- C:\Users\Wilma\Desktop\HijackThis.lnk
[2009/08/29 12:26:15 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/29 12:23:12 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/08/29 12:23:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/08/29 12:23:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/08/29 12:12:17 | 03,942,048 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Wilma\Desktop\mally.exe
[2009/08/28 21:29:43 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/08/17 19:55:27 | 13,195,7136 | ---- | C] () -- C:\Users\Wilma\Desktop\HannahWild_Electro_Sessions.mp3
[2009/08/13 12:51:48 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2009/08/13 11:02:26 | 00,144,384 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\cooper.mine
[2009/08/12 13:53:01 | 00,055,296 | ---- | C] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
[2009/08/12 13:51:16 | 00,000,262 | -H-- | C] () -- C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/08/12 13:50:39 | 00,000,000 | RHSD | C] -- C:\RECYCLER
[2009/08/12 13:15:25 | 21,971,599 | ---- | C] () -- C:\Users\Wilma\Desktop\02-dustin_zahn-stranger_to_stability__len_faki_podium_mix.mp3
[2009/08/06 13:12:58 | 09,199,660 | ---- | C] () -- C:\Users\Wilma\Desktop\GREEN DAY 21 GUNS.wav
[2009/08/06 13:09:45 | 02,568,809 | ---- | C] () -- C:\Users\Wilma\Desktop\catchyoutube_com.mp3
[2009/08/06 12:52:59 | 00,000,000 | ---D | C] -- C:\Users\Wilma\Documents\TubeTilla
[2009/08/06 12:47:30 | 00,000,000 | ---D | C] -- C:\Program Files\TubeTilla
[2009/08/05 14:30:37 | 16,963,036 | ---- | C] () -- C:\Users\Wilma\Desktop\Benny-My_Ten_Points_-_Federico_Milani_Rmx-Whist_Records.mp3
[2009/08/05 13:20:04 | 16,982,811 | ---- | C] () -- C:\Users\Wilma\Desktop\03-rehab-purple_lightsaber_(ahmet_sendil_remix)-(www.4clubbers.pl up by B-Max).mp3
[2009/08/05 13:07:56 | 14,903,483 | ---- | C] () -- C:\Users\Wilma\Desktop\Jorgensen vs BSD - I Don't Care (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/05 13:05:25 | 09,403,723 | ---- | C] () -- C:\Users\Wilma\Desktop\Faithless - God is a DJ (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/05 12:59:34 | 12,821,462 | ---- | C] () -- C:\Users\Wilma\Desktop\Deadmau5 aka BSOD - Game Over (Original Mix)www.4clubbers.pl.mp3
[2009/08/05 12:46:53 | 18,384,048 | ---- | C] () -- C:\Users\Wilma\Desktop\Terry Grant - Chinese Laundry (Sonny Wharton Remix) www.4clubbers.pl.mp3
[2009/08/05 12:40:42 | 15,838,160 | ---- | C] () -- C:\Users\Wilma\Desktop\Incognet-Imagine - Arty Remix [4clubbers.pl].mp3
[2009/04/25 16:02:43 | 00,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2009/04/12 13:09:34 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/01/14 12:31:30 | 00,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/10/28 22:48:15 | 00,139,008 | ---- | C] () -- C:\Windows\System32\guard32.dll
[2008/10/28 16:25:10 | 00,000,000 | ---- | C] () -- C:\Windows\winfile.ini
[2008/10/16 10:07:36 | 00,001,627 | ---- | C] () -- C:\Windows\System32\Load.ini
[2008/06/29 14:24:32 | 00,311,128 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2008/06/29 14:24:32 | 00,168,960 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/06/29 14:24:31 | 01,526,468 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2008/06/21 10:41:57 | 00,000,030 | ---- | C] () -- C:\Windows\SetPanel.ini
[2008/06/21 10:41:28 | 00,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2008/06/21 10:12:31 | 00,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2008/06/21 10:12:31 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2008/06/21 09:50:25 | 00,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/04/28 13:55:27 | 00,162,816 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2008/03/13 21:28:22 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008/03/13 19:23:17 | 00,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008/03/13 19:22:37 | 00,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2008/03/13 18:04:11 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/03/13 18:04:11 | 00,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/03/13 18:04:10 | 01,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/03/13 18:04:10 | 01,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/03/13 18:04:02 | 01,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008/03/13 18:04:02 | 00,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll
[2008/03/13 18:03:46 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/02/11 20:55:18 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:23:31 | 00,000,459 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 11:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 23:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 06:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 23:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 05:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Files - Modified Within 30 Days ==========
[2009/08/29 21:24:34 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/29 21:24:34 | 00,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/29 21:24:34 | 00,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/29 21:23:14 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/29 21:16:02 | 00,000,262 | -H-- | M] () -- C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/08/29 21:16:02 | 00,000,212 | ---- | M] () -- C:\Windows\tasks\PAV.job
[2009/08/29 21:16:01 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 21:16:01 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 21:15:49 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/29 21:15:42 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/29 21:15:40 | 21,374,48448 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/29 21:14:51 | 02,863,121 | -H-- | M] () -- C:\Users\Wilma\AppData\Local\IconCache.db
[2009/08/29 17:37:06 | 00,000,230 | ---- | M] () -- C:\Users\Wilma\Desktop\Gladiator Security Forum - HELP! Think you are Infected.url
[2009/08/29 16:50:17 | 00,838,360 | ---- | M] () -- C:\Users\Wilma\Desktop\SecurityCheck.exe
[2009/08/29 16:49:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
[2009/08/29 16:48:54 | 00,050,688 | ---- | M] (Atribune.org) -- C:\Users\Wilma\Desktop\ATF-Cleaner.exe
[2009/08/29 12:26:20 | 00,001,878 | ---- | M] () -- C:\Users\Wilma\Desktop\HijackThis.lnk
[2009/08/29 11:21:58 | 40,257,360 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/08/29 11:21:58 | 00,073,369 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/08/29 11:21:21 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/08/29 11:21:21 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/08/29 11:21:21 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/08/28 22:57:27 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/08/21 12:48:00 | 00,000,504 | ---- | M] () -- C:\Users\Wilma\Documents\My Sharing Folders.lnk
[2009/08/17 19:55:33 | 13,195,7136 | ---- | M] () -- C:\Users\Wilma\Desktop\HannahWild_Electro_Sessions.mp3
[2009/08/16 09:04:54 | 03,942,048 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Wilma\Desktop\mally.exe
[2009/08/13 11:02:12 | 00,144,384 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\cooper.mine
[2009/08/12 23:25:25 | 00,297,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/08/12 13:53:00 | 00,055,296 | ---- | M] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
[2009/08/12 13:15:30 | 21,971,599 | ---- | M] () -- C:\Users\Wilma\Desktop\02-dustin_zahn-stranger_to_stability__len_faki_podium_mix.mp3
[2009/08/12 12:27:28 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2009/08/11 12:24:34 | 09,403,723 | ---- | M] () -- C:\Users\Wilma\Desktop\Faithless - God is a DJ (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/11 12:18:11 | 14,903,483 | ---- | M] () -- C:\Users\Wilma\Desktop\Jorgensen vs BSD - I Don't Care (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/06 19:00:44 | 30,378,2145 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/08/06 13:14:20 | 00,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2009/08/06 13:13:51 | 09,199,660 | ---- | M] () -- C:\Users\Wilma\Desktop\GREEN DAY 21 GUNS.wav
[2009/08/06 13:09:58 | 02,568,809 | ---- | M] () -- C:\Users\Wilma\Desktop\catchyoutube_com.mp3
[2009/08/05 14:30:38 | 16,963,036 | ---- | M] () -- C:\Users\Wilma\Desktop\Benny-My_Ten_Points_-_Federico_Milani_Rmx-Whist_Records.mp3
[2009/08/05 13:20:05 | 16,982,811 | ---- | M] () -- C:\Users\Wilma\Desktop\03-rehab-purple_lightsaber_(ahmet_sendil_remix)-(www.4clubbers.pl up by B-Max).mp3
[2009/08/05 12:59:35 | 12,821,462 | ---- | M] () -- C:\Users\Wilma\Desktop\Deadmau5 aka BSOD - Game Over (Original Mix)www.4clubbers.pl.mp3
[2009/08/05 12:46:55 | 18,384,048 | ---- | M] () -- C:\Users\Wilma\Desktop\Terry Grant - Chinese Laundry (Sonny Wharton Remix) www.4clubbers.pl.mp3
[2009/08/05 12:40:44 | 15,838,160 | ---- | M] () -- C:\Users\Wilma\Desktop\Incognet-Imagine - Arty Remix [4clubbers.pl].mp3
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
========== LOP Check ==========
[2009/08/12 13:53:01 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming
[2009/03/03 18:46:41 | 00,000,000 | -HSD | M] -- C:\Users\Wilma\AppData\Roaming\.#
[2008/11/10 14:40:13 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Ableton
[2008/03/13 18:56:26 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Acer GameZone Console
[2009/06/18 14:00:48 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Ahead
[2009/06/22 17:15:16 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\AVS4YOU
[2009/03/02 11:23:39 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\CyberLink
[2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Media Center Programs
[2008/12/23 10:21:21 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Musicmatch
[2008/12/12 13:14:38 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\NCH Software
[2008/12/11 16:18:21 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\NCH Swift Sound
[2009/01/14 12:39:19 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Samsung
[2009/04/19 21:14:26 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Sports Interactive
[2009/03/15 23:04:08 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Spotify
[2009/08/12 13:57:30 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\uTorrent
[2009/08/29 21:16:02 | 00,000,212 | ---- | M] () -- C:\Windows\Tasks\PAV.job
[2009/08/29 21:15:49 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/08/29 21:14:56 | 00,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/08/29 21:16:02 | 00,000,262 | -H-- | M] () -- C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
========== Purity Check ==========
< End of report >
I uninstalled MBAM and renamed it. It installs but wont run.
OTL logfile created on: 29/08/2009 21:24:34 - Run 2
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Wilma\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 52.04% Memory free
4.00 Gb Paging File | 2.90 Gb Available in Paging File | 72.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.19 Gb Total Space | 40.15 Gb Free Space | 36.11% Space Free | Partition Type: NTFS
Drive D: | 107.69 Gb Total Space | 106.52 Gb Free Space | 98.92% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: WILMA-PC
Current User Name: Wilma
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2008/10/29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2008/01/24 03:28:00 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2008/02/25 09:53:24 | 00,518,656 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2007/10/10 14:41:54 | 01,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2007/11/22 09:01:00 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/01/24 03:29:00 | 04,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/02 14:17:28 | 00,707,080 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2008/01/22 19:14:24 | 00,200,704 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
PRC - [2008/02/11 21:13:12 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008/02/11 21:13:02 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2008/02/11 21:13:08 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2005/07/15 22:48:33 | 00,479,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
PRC - [2009/08/29 11:22:03 | 02,007,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2005/05/10 17:04:52 | 00,110,592 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
PRC - [2008/11/20 14:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2007/06/27 20:03:40 | 00,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2009/05/06 19:03:45 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/01/21 03:25:33 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/10/25 08:18:50 | 00,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/01/24 03:28:00 | 01,021,224 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2005/05/10 17:04:50 | 00,102,400 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
PRC - [2007/09/19 22:41:50 | 00,051,200 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2008/02/11 21:13:10 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2009/08/12 13:53:00 | 00,055,296 | ---- | M] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
PRC - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/29 11:22:00 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2009/08/29 11:21:21 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/29 11:21:20 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2008/11/08 11:10:25 | 00,544,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe
PRC - [2008/02/25 09:50:10 | 00,491,008 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2007/10/02 00:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007/12/20 19:32:04 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2008/02/11 21:13:06 | 00,170,520 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2007/12/20 19:33:14 | 00,761,856 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
PRC - [2008/03/25 02:37:18 | 00,462,848 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
PRC - [2008/01/10 02:43:28 | 00,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
PRC - [2008/05/30 19:18:14 | 01,512,960 | ---- | M] (Koninklijke Philips Electronics N.V.) -- C:\Program Files\Philips\SA19XX\Philips Device Manager\bin\DeviceManager.exe
PRC - [2007/11/22 09:01:00 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007/09/06 20:02:04 | 00,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
PRC - [2007/11/28 02:54:36 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2008/10/06 17:54:22 | 00,037,888 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Services\netservices.exe
PRC - [2005/05/10 17:04:50 | 00,403,456 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
PRC - [2007/12/04 03:58:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2008/01/24 03:29:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe
PRC - [2009/08/29 11:21:15 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2007/09/10 23:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/12/20 02:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2009/08/29 11:22:08 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2007/09/20 21:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2009/03/03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/03/03 03:16:04 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2008/01/21 03:23:52 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2007/06/27 20:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2007/06/27 20:04:00 | 01,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2009/08/29 21:10:07 | 00,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Wilma\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009/03/18 18:50:30 | 00,079,088 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
PRC - [2008/01/21 03:23:52 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/08/29 16:49:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2007/09/19 22:41:50 | 00,051,200 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService [Auto | Running])
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/08/29 11:21:15 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])
SRV - [2009/08/29 11:22:00 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2008/12/12 12:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/27 19:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/11/08 11:10:25 | 00,544,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Firewall\cmdagent.exe -- (cmdAgent [Auto | Running])
SRV - [2008/02/25 09:50:10 | 00,491,008 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service [Auto | Running])
SRV - [2008/01/21 03:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2007/10/02 00:42:36 | 00,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService [Auto | Running])
SRV - [2007/12/20 19:32:04 | 00,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service [Auto | Running])
SRV - [2007/09/10 23:28:18 | 00,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService [Auto | Running])
SRV - [2007/12/20 02:09:22 | 00,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService [Auto | Running])
SRV - [2008/01/21 03:23:49 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2008/06/20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/08/29 11:00:30 | 00,033,752 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper [On_Demand | Stopped])
SRV - [2009/05/06 19:03:44 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2007/11/22 09:01:00 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2008/06/20 02:14:31 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2007/01/17 19:20:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2007/11/28 02:54:36 | 00,110,592 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService [Auto | Running])
SRV - [2007/06/29 20:16:56 | 00,800,040 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2008/10/06 17:54:22 | 00,037,888 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Services\netservices.exe -- (NetService [Auto | Running])
SRV - [2008/06/20 02:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007/06/27 20:04:00 | 00,279,848 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 22:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2007/12/04 03:58:12 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2009/08/29 20:49:48 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Stopped])
SRV - [2007/10/18 12:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2008/01/21 03:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
SRV - [2007/10/25 16:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])
SRV - [2007/09/20 21:57:28 | 00,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService [Auto | Running])
SRV - [2008/01/21 03:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV - [2008/01/24 03:29:00 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])
========== Driver Services (SafeList) ==========
DRV - [2008/01/21 03:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2008/01/21 03:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2008/01/21 03:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2008/01/21 03:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2009/08/29 11:21:21 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86 [System | Running])
DRV - [2009/08/29 11:21:21 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [System | Running])
DRV - [2009/05/09 10:52:39 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX [System | Running])
DRV - [2008/01/24 03:29:00 | 00,179,712 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\DRIVERS\b57nd60x.sys -- (b57nd60x [On_Demand | Stopped])
DRV - [2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2008/11/08 11:10:22 | 00,076,280 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\cmdguard.sys -- (cmdGuard [System | Running])
DRV - [2008/11/08 11:10:22 | 00,024,568 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\cmdhlp.sys -- (cmdHlp [System | Running])
DRV - [2008/01/21 03:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 14:29:38 | 00,021,264 | ---- | M] (Dritek System Inc.) -- C:\Windows\System32\DRIVERS\DKbFltr.sys -- (DKbFltr [On_Demand | Running])
DRV - [2008/01/21 03:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2008/01/21 03:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2008/04/17 14:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2008/01/21 03:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2008/01/21 03:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2008/01/24 03:29:00 | 00,984,064 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,208,384 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])
DRV - [2007/11/22 09:05:00 | 00,308,248 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
DRV - [2008/01/21 03:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2008/02/11 20:36:10 | 02,302,976 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Running])
DRV - [2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2008/11/08 11:10:23 | 00,066,552 | ---- | M] (COMODO) -- C:\Windows\System32\DRIVERS\inspect.sys -- (Inspect [On_Demand | Running])
DRV - [2007/07/03 18:05:20 | 00,015,392 | ---- | M] (Acer, Inc.) -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15 [Auto | Running])
DRV - [2008/01/24 03:29:00 | 01,950,552 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])
DRV - [2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2008/10/09 16:42:42 | 00,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER [On_Demand | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2008/01/21 03:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2008/01/24 03:29:00 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
DRV - [2008/01/21 03:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2008/01/21 03:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])
DRV - [2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2008/01/21 03:23:20 | 02,225,664 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped])
DRV - [2007/10/31 03:36:32 | 02,252,800 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw4v32.sys -- (NETw4v32 [On_Demand | Running])
DRV - [2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008/03/13 19:06:41 | 00,006,144 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Windows\System32\DRIVERS\NTIDrvr.sys -- (NTIDrvr [On_Demand | Running])
DRV - [2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2008/03/11 03:11:00 | 08,240,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Stopped])
DRV - [2008/01/21 03:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2008/01/21 03:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2008/01/03 12:07:24 | 00,018,480 | ---- | M] (Egis Incorporated) -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter [Boot | Running])
DRV - [2008/01/03 12:07:24 | 00,016,432 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDNServ.sys -- (PSDNServ [Auto | Running])
DRV - [2008/01/03 12:07:26 | 00,059,952 | ---- | M] (Egis Incorporated) -- C:\Windows\System32\DRIVERS\PSDVdisk.sys -- (psdvdisk [Auto | Running])
DRV - [2005/05/10 16:04:10 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2008/01/21 03:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2008/02/16 01:42:42 | 00,046,592 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2007/07/30 18:42:58 | 00,043,008 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007/07/30 19:54:02 | 00,038,400 | ---- | M] (REDC) -- C:\Windows\System32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
DRV - [2008/01/21 03:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2007/06/12 18:38:26 | 01,729,152 | ---- | M] () -- C:\Windows\System32\DRIVERS\snp2uvc.sys -- (SNP2UVC [On_Demand | Running])
DRV - [2007/05/02 12:12:34 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_bus.sys -- (ssm_bus [On_Demand | Stopped])
DRV - [2007/05/02 12:12:36 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_mdfl.sys -- (ssm_mdfl [On_Demand | Stopped])
DRV - [2007/05/02 12:12:36 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\DRIVERS\ssm_mdm.sys -- (ssm_mdm [On_Demand | Stopped])
DRV - [2006/07/24 17:05:00 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
DRV - [2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2008/01/24 03:28:00 | 00,192,816 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2008/01/21 03:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2008/10/01 14:01:28 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\Drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
DRV - [2008/01/21 03:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2008/01/21 03:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2008/01/24 03:29:00 | 00,660,480 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,043,008 | ---- | M] (Winbond Electronics Corporation) -- C:\Windows\System32\DRIVERS\winbondcir.sys -- (winbondcir [On_Demand | Running])
DRV - [2008/01/24 03:29:00 | 00,008,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.sys -- (XAudio [Auto | Running])
DRV - [2008/01/05 01:15:08 | 00,041,456 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/03/02 00:44:06 | 00,000,000 | ---D | M]
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [COMODO Firewall Pro] C:\Program Files\COMODO\Firewall\cfp.exe (COMODO)
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [heckinternet] C:\ProgramData\sect soap soap.9bm File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [PhilipsDM\SA1916] C:\Program Files\Philips\SA19XX\Philips Device Manager\Bin\LaunchDM.exe (Koninklijke Philips Electronics N.V.)
O4 - HKLM..\Run: [PKR Pal] C:\Program Files\PKR\pkrpal.exe File not found
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PLFSet] C:\Windows\PLFSet.DLL ( )
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MicrosoftUpdate] C:\Users\Wilma\AppData\Roaming\taskeng.exe ()
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winsys.exe.lnk = C:\Windows\System32\winsys.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Party-- Look for another playground -- - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\Party-- Look for another playground --\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Party-- Look for another playground -- - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\Party-- Look for another playground --\RunApp.exe ()
O9 - Extra Button: Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\Party** Game for big ones **\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Party** Game for big ones **.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\Party** Game for big ones **\RunApp.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: premierleague.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: top100djs.net ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 2 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.136,85.255.112.145
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - AppInit_DLLs: (nvrtm) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-1391942858-3662076656-424549341-6232\rundll32.exe) - C:\RECYCLER\S-1-5-21-1391942858-3662076656-424549341-6232\.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{b125bd88-6adb-11de-b032-f9925058d96e}\Shell\AutoRun\command - "" = E:\RECYCLER\usbassist.exe -- File not found
O33 - MountPoints2\{b125bd88-6adb-11de-b032-f9925058d96e}\Shell\opEN\CoMmanD - "" = E:\RECYCLER\usbassist.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/08/29 21:23:14 | 00,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/29 21:23:11 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/29 21:23:08 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/08/29 21:23:08 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/08/29 21:23:08 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/29 20:55:33 | 00,000,000 | ---D | C] -- C:\_OTL
[2009/08/29 20:49:02 | 00,000,000 | -H-D | C] -- C:\Users\Wilma\AppData\Local\acer eNM
[2009/08/29 17:17:50 | 00,000,230 | ---- | C] () -- C:\Users\Wilma\Desktop\Gladiator Security Forum - HELP! Think you are Infected.url
[2009/08/29 17:04:20 | 00,050,688 | ---- | C] (Atribune.org) -- C:\Users\Wilma\Desktop\ATF-Cleaner.exe
[2009/08/29 17:04:11 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
[2009/08/29 17:04:00 | 00,838,360 | ---- | C] () -- C:\Users\Wilma\Desktop\SecurityCheck.exe
[2009/08/29 12:26:20 | 00,001,878 | ---- | C] () -- C:\Users\Wilma\Desktop\HijackThis.lnk
[2009/08/29 12:26:15 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/29 12:23:12 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/08/29 12:23:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/08/29 12:23:12 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/08/29 12:12:17 | 03,942,048 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Wilma\Desktop\mally.exe
[2009/08/28 21:29:43 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/08/17 19:55:27 | 13,195,7136 | ---- | C] () -- C:\Users\Wilma\Desktop\HannahWild_Electro_Sessions.mp3
[2009/08/13 12:51:48 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2009/08/13 11:02:26 | 00,144,384 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\cooper.mine
[2009/08/12 13:53:01 | 00,055,296 | ---- | C] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
[2009/08/12 13:51:16 | 00,000,262 | -H-- | C] () -- C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/08/12 13:50:39 | 00,000,000 | RHSD | C] -- C:\RECYCLER
[2009/08/12 13:15:25 | 21,971,599 | ---- | C] () -- C:\Users\Wilma\Desktop\02-dustin_zahn-stranger_to_stability__len_faki_podium_mix.mp3
[2009/08/06 13:12:58 | 09,199,660 | ---- | C] () -- C:\Users\Wilma\Desktop\GREEN DAY 21 GUNS.wav
[2009/08/06 13:09:45 | 02,568,809 | ---- | C] () -- C:\Users\Wilma\Desktop\catchyoutube_com.mp3
[2009/08/06 12:52:59 | 00,000,000 | ---D | C] -- C:\Users\Wilma\Documents\TubeTilla
[2009/08/06 12:47:30 | 00,000,000 | ---D | C] -- C:\Program Files\TubeTilla
[2009/08/05 14:30:37 | 16,963,036 | ---- | C] () -- C:\Users\Wilma\Desktop\Benny-My_Ten_Points_-_Federico_Milani_Rmx-Whist_Records.mp3
[2009/08/05 13:20:04 | 16,982,811 | ---- | C] () -- C:\Users\Wilma\Desktop\03-rehab-purple_lightsaber_(ahmet_sendil_remix)-(www.4clubbers.pl up by B-Max).mp3
[2009/08/05 13:07:56 | 14,903,483 | ---- | C] () -- C:\Users\Wilma\Desktop\Jorgensen vs BSD - I Don't Care (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/05 13:05:25 | 09,403,723 | ---- | C] () -- C:\Users\Wilma\Desktop\Faithless - God is a DJ (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/05 12:59:34 | 12,821,462 | ---- | C] () -- C:\Users\Wilma\Desktop\Deadmau5 aka BSOD - Game Over (Original Mix)www.4clubbers.pl.mp3
[2009/08/05 12:46:53 | 18,384,048 | ---- | C] () -- C:\Users\Wilma\Desktop\Terry Grant - Chinese Laundry (Sonny Wharton Remix) www.4clubbers.pl.mp3
[2009/08/05 12:40:42 | 15,838,160 | ---- | C] () -- C:\Users\Wilma\Desktop\Incognet-Imagine - Arty Remix [4clubbers.pl].mp3
[2009/04/25 16:02:43 | 00,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2009/04/12 13:09:34 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/01/14 12:31:30 | 00,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/10/28 22:48:15 | 00,139,008 | ---- | C] () -- C:\Windows\System32\guard32.dll
[2008/10/28 16:25:10 | 00,000,000 | ---- | C] () -- C:\Windows\winfile.ini
[2008/10/16 10:07:36 | 00,001,627 | ---- | C] () -- C:\Windows\System32\Load.ini
[2008/06/29 14:24:32 | 00,311,128 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2008/06/29 14:24:32 | 00,168,960 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/06/29 14:24:31 | 01,526,468 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2008/06/21 10:41:57 | 00,000,030 | ---- | C] () -- C:\Windows\SetPanel.ini
[2008/06/21 10:41:28 | 00,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2008/06/21 10:12:31 | 00,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2008/06/21 10:12:31 | 00,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2008/06/21 09:50:25 | 00,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/04/28 13:55:27 | 00,162,816 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2008/03/13 21:28:22 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008/03/13 19:23:17 | 00,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008/03/13 19:22:37 | 00,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2008/03/13 18:04:11 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/03/13 18:04:11 | 00,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/03/13 18:04:10 | 01,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/03/13 18:04:10 | 01,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/03/13 18:04:02 | 01,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008/03/13 18:04:02 | 00,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll
[2008/03/13 18:03:46 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/02/11 20:55:18 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:23:31 | 00,000,459 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 11:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 23:12:30 | 00,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 06:46:38 | 00,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 23:33:56 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 05:04:36 | 00,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Files - Modified Within 30 Days ==========
[2009/08/29 21:24:34 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/08/29 21:24:34 | 00,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/08/29 21:24:34 | 00,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/08/29 21:23:14 | 00,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/29 21:16:02 | 00,000,262 | -H-- | M] () -- C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
[2009/08/29 21:16:02 | 00,000,212 | ---- | M] () -- C:\Windows\tasks\PAV.job
[2009/08/29 21:16:01 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 21:16:01 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/08/29 21:15:49 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/08/29 21:15:42 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/08/29 21:15:40 | 21,374,48448 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/29 21:14:51 | 02,863,121 | -H-- | M] () -- C:\Users\Wilma\AppData\Local\IconCache.db
[2009/08/29 17:37:06 | 00,000,230 | ---- | M] () -- C:\Users\Wilma\Desktop\Gladiator Security Forum - HELP! Think you are Infected.url
[2009/08/29 16:50:17 | 00,838,360 | ---- | M] () -- C:\Users\Wilma\Desktop\SecurityCheck.exe
[2009/08/29 16:49:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Wilma\Desktop\OTL.exe
[2009/08/29 16:48:54 | 00,050,688 | ---- | M] (Atribune.org) -- C:\Users\Wilma\Desktop\ATF-Cleaner.exe
[2009/08/29 12:26:20 | 00,001,878 | ---- | M] () -- C:\Users\Wilma\Desktop\HijackThis.lnk
[2009/08/29 11:21:58 | 40,257,360 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/08/29 11:21:58 | 00,073,369 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/08/29 11:21:21 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/08/29 11:21:21 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/08/29 11:21:21 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/08/28 22:57:27 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/08/21 12:48:00 | 00,000,504 | ---- | M] () -- C:\Users\Wilma\Documents\My Sharing Folders.lnk
[2009/08/17 19:55:33 | 13,195,7136 | ---- | M] () -- C:\Users\Wilma\Desktop\HannahWild_Electro_Sessions.mp3
[2009/08/16 09:04:54 | 03,942,048 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Wilma\Desktop\mally.exe
[2009/08/13 11:02:12 | 00,144,384 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\cooper.mine
[2009/08/12 23:25:25 | 00,297,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/08/12 13:53:00 | 00,055,296 | ---- | M] () -- C:\Users\Wilma\AppData\Roaming\taskeng.exe
[2009/08/12 13:15:30 | 21,971,599 | ---- | M] () -- C:\Users\Wilma\Desktop\02-dustin_zahn-stranger_to_stability__len_faki_podium_mix.mp3
[2009/08/12 12:27:28 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2009/08/11 12:24:34 | 09,403,723 | ---- | M] () -- C:\Users\Wilma\Desktop\Faithless - God is a DJ (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/11 12:18:11 | 14,903,483 | ---- | M] () -- C:\Users\Wilma\Desktop\Jorgensen vs BSD - I Don't Care (Deadmau5 Remix) www.4clubbers.com.pl.mp3
[2009/08/06 19:00:44 | 30,378,2145 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/08/06 13:14:20 | 00,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2009/08/06 13:13:51 | 09,199,660 | ---- | M] () -- C:\Users\Wilma\Desktop\GREEN DAY 21 GUNS.wav
[2009/08/06 13:09:58 | 02,568,809 | ---- | M] () -- C:\Users\Wilma\Desktop\catchyoutube_com.mp3
[2009/08/05 14:30:38 | 16,963,036 | ---- | M] () -- C:\Users\Wilma\Desktop\Benny-My_Ten_Points_-_Federico_Milani_Rmx-Whist_Records.mp3
[2009/08/05 13:20:05 | 16,982,811 | ---- | M] () -- C:\Users\Wilma\Desktop\03-rehab-purple_lightsaber_(ahmet_sendil_remix)-(www.4clubbers.pl up by B-Max).mp3
[2009/08/05 12:59:35 | 12,821,462 | ---- | M] () -- C:\Users\Wilma\Desktop\Deadmau5 aka BSOD - Game Over (Original Mix)www.4clubbers.pl.mp3
[2009/08/05 12:46:55 | 18,384,048 | ---- | M] () -- C:\Users\Wilma\Desktop\Terry Grant - Chinese Laundry (Sonny Wharton Remix) www.4clubbers.pl.mp3
[2009/08/05 12:40:44 | 15,838,160 | ---- | M] () -- C:\Users\Wilma\Desktop\Incognet-Imagine - Arty Remix [4clubbers.pl].mp3
[2009/08/03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/03 13:36:06 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
========== LOP Check ==========
[2009/08/12 13:53:01 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming
[2009/03/03 18:46:41 | 00,000,000 | -HSD | M] -- C:\Users\Wilma\AppData\Roaming\.#
[2008/11/10 14:40:13 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Ableton
[2008/03/13 18:56:26 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Acer GameZone Console
[2009/06/18 14:00:48 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Ahead
[2009/06/22 17:15:16 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\AVS4YOU
[2009/03/02 11:23:39 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\CyberLink
[2006/11/02 13:37:34 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Media Center Programs
[2008/12/23 10:21:21 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Musicmatch
[2008/12/12 13:14:38 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\NCH Software
[2008/12/11 16:18:21 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\NCH Swift Sound
[2009/01/14 12:39:19 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Samsung
[2009/04/19 21:14:26 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Sports Interactive
[2009/03/15 23:04:08 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\Spotify
[2009/08/12 13:57:30 | 00,000,000 | ---D | M] -- C:\Users\Wilma\AppData\Roaming\uTorrent
[2009/08/29 21:16:02 | 00,000,212 | ---- | M] () -- C:\Windows\Tasks\PAV.job
[2009/08/29 21:15:49 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/08/29 21:14:56 | 00,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/08/29 21:16:02 | 00,000,262 | -H-- | M] () -- C:\Windows\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
========== Purity Check ==========
< End of report >
First:
Go ahead and uninstall MBAM for now.
Second:
Note: If necessary, rename combofix.exe to george.exe (or any other random name)
Download ComboFix from one of these locations:
Link 1
Link 2
* IMPORTANT !!! Save ComboFix.exe to your Desktop
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Give it at least 20-30 minutes to finish if needed.
Go ahead and uninstall MBAM for now.
Second:
Note: If necessary, rename combofix.exe to george.exe (or any other random name)
Download ComboFix from one of these locations:
Link 1
Link 2
* IMPORTANT !!! Save ComboFix.exe to your Desktop
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
- Double click on ComboFix.exe & follow the prompts.
- As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
- Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Give it at least 20-30 minutes to finish if needed.
I uninstalled MBAM
Ran combofix it prompted me for a yes to reboot as it found something in the root ????
When it rebooted all im getting is blank screen with flashing small line in top left hand corner of screen.
It lets me into the F2 menu but wont let me get into safe mode.
Your assistance would be greatly appreciated.
Ran combofix it prompted me for a yes to reboot as it found something in the root ????
When it rebooted all im getting is blank screen with flashing small line in top left hand corner of screen.
It lets me into the F2 menu but wont let me get into safe mode.
Your assistance would be greatly appreciated.
If you power down completely and then start up, can you get into Safe Mode?
lso, did you install the MS Recovery Console?
Its normal for COmbofix to reboot to delete files so that is not unusual. But not starting in normal or safe mode is not usual and this is the first time I have seen this behavior.
lso, did you install the MS Recovery Console?
Its normal for COmbofix to reboot to delete files so that is not unusual. But not starting in normal or safe mode is not usual and this is the first time I have seen this behavior.
Hi,
Nope it wont let me into safe mode at all. I can only get into the f2 menu.
Combofix didnt notify me that MS Recovery Console needed installed so i assumed it was already there.
Nope it wont let me into safe mode at all. I can only get into the f2 menu.
Combofix didnt notify me that MS Recovery Console needed installed so i assumed it was already there.
Do you have a WIndows cd??
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.