Something got me, Not sure what, but have all the classic signs



jamper
2011-01-02, 03:31
DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by acer at 18:22:51.20 on Sat 01/01/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3002.1609 [GMT -8:00]

AV: Norton AntiVirus *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}

============== Running Processes ===============

C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\PLFSetI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe
C:\Program Files (x86)\Lexmark 2600 Series\lxdnMsdMon.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\windows\system32\igfxext.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\windows\system32\lxdncoms.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Clearwire\Connection Manager\RcAppSvc.exe
C:\Program Files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\wuauclt.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\17.6.0.32\ccSvcHst.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\17.6.0.32\ccSvcHst.exe
C:\ProgramData\Norton\NUA.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Users\acer\Desktop\dds.scr
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = https://ctx.centurylink.com/Citrix/MetaFrame/auth/login.aspx
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton AntiVirus\Engine\17.6.0.32\IPSBHO.DLL
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Google Update] "C:\Users\acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [NortonUpdateAgent] C:\ProgramData\Norton\NUA.exe
mRun: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
mRun: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
mRun: [FaxCenterServer] "C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe" /s
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Clearwire Connection Manager] "C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe" -a
StartupFolder: C:\Users\acer\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {03A89EFD-E023-A200-A22D-45F77558EB4C} - hxxps://content10.ilinc.com/download/AXCltInstall.dll
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files%20(x86)/Annabel/Images/stg_drm.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files%20(x86)/Agatha%20Christie/Images/armhelper.ocx
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB-X64: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
mRun-x64: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
mRun-x64: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
mRun-x64: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [PLFSetI] C:\windows\PLFSetI.exe
mRun-x64: [IgfxTray] C:\windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\windows\system32\igfxpers.exe
mRun-x64: [lxdnmon.exe] "C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe"
mRun-x64: [lxdnamon] "C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe"

================= FIREFOX ===================

FF - ProfilePath - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/webhp?client=firefox-a&rls=org.mozilla:en-US:official&channel=s&hl=en&source=hp&btnG=Google+Search
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.5.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - component: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\acer\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Users\acer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\acer\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\acer\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: LastPass: support@lastpass.com - %profile%\extensions\support@lastpass.com
FF - Ext: TinEye Reverse Image Search: tineye@ideeinc.com - %profile%\extensions\tineye@ideeinc.com
FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: My-Translator: My-Translator@eugenche.com - %profile%\extensions\My-Translator@eugenche.com
FF - Ext: gTranslate: {aff87fa2-a58e-4edd-b852-0a20203c1e17} - %profile%\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
FF - Ext: Read It Later: isreaditlater@ideashower.com - %profile%\extensions\isreaditlater@ideashower.com
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.5.0.127\IPSFFPlgn

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NAVx64\1106000.020\symds64.sys [2011-1-1 433200]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NAVx64\1106000.020\symefa64.sys [2011-1-1 221232]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.5.0.127\Definitions\BASHDefs\20101123.003\BHDrvx64.sys [2010-11-23 953904]
R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\NAVx64\1106000.020\cchpx64.sys [2011-1-1 615040]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.5.0.127\Definitions\IPSDefs\20101231.001\IDSviA64.sys [2011-1-1 476792]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NAVx64\1106000.020\ironx64.sys [2011-1-1 149552]
R1 SYMTDIV;Symantec Vista Network Dispatch Driver;C:\Windows\System32\drivers\NAVx64\1106000.020\symtdiv.sys [2011-1-1 451120]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-8-21 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-6-4 1150496]
R2 lxdn_device;lxdn_device;C:\windows\system32\lxdncoms.exe -service --> C:\windows\system32\lxdncoms.exe -service [?]
R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-8-6 311592]
R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\17.6.0.32\ccsvchst.exe [2011-1-1 126392]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-11-10 1153368]
R2 SMSI Device Launch Service;Clearwire Device Launch Service;C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe [2009-11-9 107856]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-8-21 240160]
R3 CACLEARWIRE;Clearwire Con App Svc;C:\Program Files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe [2009-11-9 124240]
R3 CLEARWIRERcAppSvc;Clearwire RcAppSvc;C:\Program Files (x86)\Clearwire\Connection Manager\RcAppSvc.exe [2009-11-9 120144]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-8-21 58880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxdnserv.exe [2008-2-27 33960]
S3 bcm;WiMAX Network Adapter;C:\Windows\System32\drivers\drxvi314_64.sys [2009-11-3 318336]
S3 bcmbusctr;WiMAX Bus Driver;C:\Windows\System32\drivers\BcmBusCtr_64.sys [2009-11-3 62976]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432]
S3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;C:\Windows\System32\PCTINDIS5X64.sys [2009-11-9 43032]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-11 1255736]

=============== Created Last 30 ================

2011-01-02 02:03:22 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2011-01-02 00:27:53 -------- d-----w- C:\Users\acer\AppData\Roaming\Tific
2011-01-01 23:34:40 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2011-01-01 12:44:46 -------- d-----w- C:\Users\acer\AppData\Local\ElevatedDiagnostics
2011-01-01 03:49:00 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{618199B6-0807-4A79-AF48-EA8ADE987699}\mpengine.dll
2010-12-29 11:37:47 -------- d-----w- C:\Program Files (x86)\WildTangent Games
2010-12-29 02:50:56 -------- d-----w- C:\Users\acer\AppData\Local\Clearwire
2010-12-29 02:50:55 -------- d-----w- C:\Program Files (x86)\Skyhook Wireless
2010-12-29 02:50:04 -------- d-----w- C:\Program Files (x86)\Common Files\PctelEapPeer Authentication
2010-12-29 02:50:03 -------- d-----w- C:\Program Files (x86)\Clearwire
2010-12-29 02:50:03 -------- d-----w- C:\PROGRA~3\Clearwire
2010-12-22 04:18:52 -------- d-----w- C:\Users\acer\AppData\Roaming\Unity
2010-12-22 03:58:34 -------- d-----w- C:\Users\acer\AppData\Local\Unity
2010-12-20 00:28:35 -------- d-----w- C:\Users\acer\AppData\Roaming\Anabel
2010-12-16 02:23:03 -------- d-----w- C:\Users\acer\AppData\Roaming\Big Fish Games
2010-12-15 11:01:51 -------- d-sh--w- C:\windows\SysWow64\%APPDATA%
2010-12-14 21:54:01 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2010-12-14 21:54:01 2048 ----a-w- C:\windows\System32\tzres.dll
2010-12-13 18:46:14 -------- d-----w- C:\Users\acer\AppData\Roaming\Lexmark Productivity Studio
2010-12-10 08:40:11 -------- d-----w- C:\Users\acer\AppData\Roaming\SpinTop Games
2010-12-09 08:15:47 -------- d-----w- C:\Users\acer\AppData\Local\STARGAZE_IMAGE_CACHE
2010-12-08 00:11:32 -------- d-----w- C:\windows\SysWow64\Adobe
2010-12-07 02:53:41 -------- d-----w- C:\Users\acer\AppData\Roaming\Floodlight Games
2010-12-07 02:53:41 -------- d-----w- C:\PROGRA~3\Floodlight Games
2010-12-06 05:32:15 -------- d-----w- C:\Users\acer\AppData\Roaming\FloodLightGames
2010-12-06 05:32:15 -------- d-----w- C:\PROGRA~3\FloodLightGames
2010-12-06 05:29:52 -------- d-----w- C:\Users\acer\AppData\Roaming\SpinTop
2010-12-03 22:51:06 -------- d-----w- C:\Temp

==================== Find3M ====================

2011-01-02 02:07:52 173104 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS
2010-12-24 22:24:30 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll
2010-11-29 00:29:01 204172 ----a-w- C:\windows\Photo Pos Pro Uninstaller.exe
2010-11-04 06:35:53 1194496 ----a-w- C:\windows\System32\wininet.dll
2010-11-04 06:31:34 57856 ----a-w- C:\windows\System32\licmgr10.dll
2010-11-04 05:52:17 978944 ----a-w- C:\windows\SysWow64\wininet.dll
2010-11-04 05:48:36 44544 ----a-w- C:\windows\SysWow64\licmgr10.dll
2010-11-04 05:16:14 482816 ----a-w- C:\windows\System32\html.iec
2010-11-04 04:41:26 386048 ----a-w- C:\windows\SysWow64\html.iec
2010-11-04 04:35:37 1638912 ----a-w- C:\windows\System32\mshtml.tlb
2010-11-04 04:08:54 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
2010-11-02 05:18:17 524288 ----a-w- C:\windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\windows\System32\schedsvc.dll
2010-11-02 05:10:47 464384 ----a-w- C:\windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\windows\System32\schtasks.exe
2010-11-02 04:40:36 496128 ----a-w- C:\windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\windows\SysWow64\taskcomp.dll
2010-11-02 04:34:44 192000 ----a-w- C:\windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\windows\SysWow64\schtasks.exe
2010-10-20 05:20:01 46080 ----a-w- C:\windows\System32\atmlib.dll
2010-10-20 04:54:18 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2010-10-20 03:09:15 3124224 ----a-w- C:\windows\System32\win32k.sys
2010-10-20 03:05:46 367104 ----a-w- C:\windows\System32\atmfd.dll
2010-10-20 02:58:41 294400 ----a-w- C:\windows\SysWow64\atmfd.dll
2010-10-19 18:41:44 270720 ------w- C:\windows\System32\MpSigStub.exe
2010-10-16 05:23:13 112000 ----a-w- C:\windows\System32\consent.exe
2010-10-16 05:19:41 395776 ----a-w- C:\windows\System32\webio.dll
2010-10-16 04:36:10 314368 ----a-w- C:\windows\SysWow64\webio.dll

============= FINISH: 18:23:56.25 ===============

ken545
2011-01-06, 13:00
:snwelcome:


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

When you say you have all the classic signs, what exactly are you experiencing?


Please download ATF Cleaner (http://www.atribune.org/ccount/click.php?id=1) by Atribune to your desktop.

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
Your system may start up slower after running ATF Cleaner; this is expected, but it will be back to normal after the first or second boot up.
Please note: If you use online banking or are registered online with any other organizations, ensure you have memorized your password and other personal information, as removing cookies will temporarily disable the auto-login facility.





Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)


Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please







Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

jamper
2011-01-06, 13:25
Hello, Thanks for helping me, as for the signs: slow start up, slow browsing.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5469

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

1/6/2011 4:18:36 AM
mbam-log-2011-01-06 (04-18-36).txt

Scan type: Quick scan
Objects scanned: 154355
Time elapsed: 2 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I will post the rest in a few minutes.

jamper
2011-01-06, 13:34
OTL logfile created on: 1/6/2011 4:20:53 AM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\acer\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220.78 Gb Total Space | 180.85 Gb Free Space | 81.91% Space Free | Partition Type: NTFS

Computer Name: ACER-PC | User Name: acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\acer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe (ClearwireCM)
PRC - C:\Program Files (x86)\Clearwire\Connection Manager\RcAppSvc.exe (SmithMicro Inc.)
PRC - C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe ()
PRC - C:\Program Files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe (SmithMicro Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
PRC - C:\Program Files (x86)\Lexmark 2600 Series\lxdnmsdmon.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Windows\PLFSetI.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\acer\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV:64bit: - (lxdn_device) -- C:\windows\SysNative\lxdncoms.exe ( )
SRV:64bit: - (lxdnCATSCustConnectService) -- C:\windows\SysNative\spool\DRIVERS\x64\3\\lxdnserv.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (vsmon) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (CLEARWIRERcAppSvc) -- C:\Program Files (x86)\Clearwire\Connection Manager\RcAppSvc.exe (SmithMicro Inc.)
SRV - (SMSI Device Launch Service) -- C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe ()
SRV - (CACLEARWIRE) -- C:\Program Files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe (SmithMicro Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (lxdn_device) -- C:\windows\SysWow64\lxdncoms.exe ( )


========== Driver Services (SafeList) ==========

DRV:64bit: - (USBCCID) -- C:\windows\SysNative\DRIVERS\RtsUCcid.sys File not found
DRV:64bit: - (RtsUIR) -- C:\windows\SysNative\DRIVERS\Rts516xIR.sys File not found
DRV:64bit: - (RSUSBSTOR) -- C:\windows\SysNative\Drivers\RtsUStor.sys File not found
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (PCTINDIS5X64) -- C:\Windows\SysNative\PCTINDIS5X64.sys (Smith Micro Inc.)
DRV:64bit: - (bcmbusctr) -- C:\Windows\SysNative\drivers\BcmBusCtr_64.sys (Beceem communications pvt ltd.)
DRV:64bit: - (bcm) -- C:\Windows\SysNative\drivers\drxvi314_64.sys (Beceem communications pvt ltd.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (DKbFltr) Dritek Keyboard Filter Driver (64-bit) -- C:\windows\SysWOW64\Drivers\DKbFltr.sys (Dritek System Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://ctx.centurylink.com/Citrix/MetaFrame/auth/login.aspx
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?client=firefox-a&rls=org.mozilla:en-US:official&channel=s&hl=en&source=hp&btnG=Google+Search"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: My-Translator@eugenche.com:0.2.3
FF - prefs.js..extensions.enabledItems: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.70.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2011/01/01 23:53:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/01/03 23:58:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/01/03 23:58:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/01 12:41:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/01/04 19:08:22 | 000,000,000 | ---D | M]

[2010/11/10 12:41:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\Mozilla\Extensions
[2011/01/05 20:41:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions
[2010/11/10 12:47:02 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/11/27 19:16:29 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/11/26 18:39:13 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
[2010/12/23 20:02:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/03 04:39:49 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/11/10 12:47:02 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/11/16 21:53:32 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/12/26 13:12:04 | 000,000,000 | ---D | M] (Read It Later) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\isreaditlater@ideashower.com
[2010/11/26 18:39:13 | 000,000,000 | ---D | M] (My-Translator) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\My-Translator@eugenche.com
[2011/01/05 20:41:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\staged-xpis
[2011/01/01 23:19:59 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\support@lastpass.com
[2010/11/10 12:47:01 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\tineye@ideeinc.com
[2010/12/24 14:24:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/24 14:24:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/01/01 23:53:48 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX
[2011/01/03 23:58:20 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011/01/03 23:58:21 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2010/12/24 14:24:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/01/01 16:30:19 | 000,443,237 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxdnamon] C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe ()
O4:64bit: - HKLM..\Run: [lxdnmon.exe] C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Clearwire Connection Manager] C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe (ClearwireCM)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {03A89EFD-E023-A200-A22D-45F77558EB4C} https://content10.ilinc.com/download/AXCltInstall.dll (Reg Error: Key error.)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Annabel/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Agatha%20Christie/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.233.169.12 64.13.115.12
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2e6d5d3c-ef32-11de-b4ef-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Start.exe -- File not found
O33 - MountPoints2\{2e6d5d3c-ef32-11de-b4ef-806e6f6e6963}\Shell\Install\Command - "" = D:\Start.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/06 04:14:42 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Malwarebytes
[2011/01/06 04:14:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\acer\Desktop\OTL.exe
[2011/01/06 04:14:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2011/01/06 04:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/06 04:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/01/06 04:14:18 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011/01/06 04:14:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/01/06 04:13:08 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\acer\Desktop\mbam-setup-1.50.1.1100.exe
[2011/01/06 04:12:02 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\acer\Desktop\ATF-Cleaner.exe
[2011/01/05 17:32:20 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Delta
[2011/01/05 17:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delta
[2011/01/05 17:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
[2011/01/05 16:52:50 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\CrashDumps
[2011/01/05 04:02:03 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazing Adventures Special Edition Bundle
[2011/01/05 04:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazing Adventures Special Edition Bundle
[2011/01/04 19:56:58 | 000,000,000 | ---D | C] -- C:\Users\acer\Documents\fceux-2.0.0.win32
[2011/01/04 19:40:58 | 000,000,000 | ---D | C] -- C:\Users\acer\Documents\snes9x-1.52-win32
[2011/01/03 23:58:23 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Local
[2011/01/03 23:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
[2011/01/03 23:40:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC3Filter
[2011/01/03 23:38:16 | 002,661,254 | ---- | C] (Alexander Vigovsky ) -- C:\Users\acer\Desktop\ac3filter_1_63b.exe
[2011/01/03 19:59:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Robot
[2011/01/02 00:21:42 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/01/01 23:55:37 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\AVG10
[2011/01/01 23:54:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/01/01 23:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/01/01 23:54:07 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\drivers\AVG
[2011/01/01 23:53:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/01/01 23:53:45 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\AVG
[2011/01/01 23:53:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2011/01/01 23:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/01/01 23:30:07 | 004,622,344 | ---- | C] (AVG Technologies) -- C:\Users\acer\Desktop\avg_free_stb_all_2011_1191_cnet.exe
[2011/01/01 18:20:35 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2011/01/01 18:16:34 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\acer\Desktop\erunt-setup.exe
[2011/01/01 16:27:53 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Tific
[2011/01/01 15:34:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011/01/01 13:03:08 | 000,000,000 | ---D | C] -- C:\Users\acer\Documents\Symantec
[2011/01/01 04:44:46 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\ElevatedDiagnostics
[2010/12/30 22:50:22 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2010/12/29 19:41:59 | 000,000,000 | ---D | C] -- C:\Users\acer\Desktop\7picturesforyou
[2010/12/29 03:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent Games
[2010/12/28 18:50:56 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\Clearwire
[2010/12/28 18:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skyhook Wireless
[2010/12/28 18:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clearwire
[2010/12/28 18:50:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PctelEapPeer Authentication
[2010/12/28 18:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Clearwire
[2010/12/28 18:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Clearwire
[2010/12/24 14:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/12/24 14:24:47 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2010/12/24 14:24:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2010/12/24 14:24:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2010/12/24 14:24:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010/12/21 20:18:52 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Unity
[2010/12/21 19:58:34 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\Unity
[2010/12/19 16:28:35 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Anabel
[2010/12/19 16:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Annabel
[2010/12/15 18:23:03 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Big Fish Games
[2010/12/15 18:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azada
[2010/12/15 14:09:04 | 000,000,000 | ---D | C] -- C:\Users\acer\Desktop\New folder
[2010/12/15 03:01:51 | 000,000,000 | -HSD | C] -- C:\windows\SysWow64\%APPDATA%
[2010/12/14 13:53:48 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2010/12/14 13:53:48 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll
[2010/12/14 13:53:48 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2010/12/14 13:53:48 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2010/12/14 13:53:48 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2010/12/14 13:53:48 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll
[2010/12/14 13:53:48 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2010/12/14 13:53:48 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe
[2010/12/14 13:53:46 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2010/12/14 13:53:46 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2010/12/14 13:53:46 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2010/12/14 13:53:46 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2010/12/14 13:53:44 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2010/12/14 13:53:44 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2010/12/14 13:53:42 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2010/12/14 13:53:33 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2010/12/14 13:53:32 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeeds.dll
[2010/12/14 13:53:32 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2010/12/14 13:53:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2010/12/14 13:53:32 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2010/12/14 13:53:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2010/12/14 13:53:31 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2010/12/14 13:53:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2010/12/14 13:53:30 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2010/12/14 13:53:30 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2010/12/14 13:53:30 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2010/12/14 13:53:30 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2010/12/14 13:53:30 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2010/12/14 13:53:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2010/12/13 10:46:14 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Lexmark Productivity Studio
[2010/12/10 00:40:11 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\SpinTop Games
[2010/12/09 00:15:47 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\STARGAZE_IMAGE_CACHE
[2010/12/09 00:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alabama Smith in Escape from Pompeii
[2010/12/08 04:12:36 | 000,308,304 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys
[2010/12/07 16:11:32 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Adobe
[2010/11/16 13:01:06 | 000,364,544 | ---- | C] ( ) -- C:\windows\SysWow64\lxdninpa.dll
[2010/11/16 13:01:06 | 000,339,968 | ---- | C] ( ) -- C:\windows\SysWow64\lxdniesc.dll
[2010/11/16 13:01:05 | 000,647,168 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnpmui.dll
[2010/11/16 13:01:04 | 000,843,776 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnusb1.dll
[2010/11/16 13:01:03 | 001,101,824 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnserv.dll
[2010/11/16 13:01:03 | 000,569,344 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnlmpm.dll
[2010/11/16 13:01:03 | 000,053,248 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnprox.dll
[2010/11/16 13:01:02 | 000,851,968 | ---- | C] ( ) -- C:\windows\SysWow64\lxdncomc.dll
[2010/11/16 13:01:02 | 000,663,552 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnhbn3.dll
[2010/11/16 13:01:02 | 000,376,832 | ---- | C] ( ) -- C:\windows\SysWow64\lxdncomm.dll
[36 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/06 04:14:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\acer\Desktop\OTL.exe
[2011/01/06 04:14:23 | 000,001,097 | ---- | M] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/01/06 04:14:23 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/06 04:13:32 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\acer\Desktop\mbam-setup-1.50.1.1100.exe
[2011/01/06 04:12:02 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\acer\Desktop\ATF-Cleaner.exe
[2011/01/06 04:06:01 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2606953984-242665712-442593332-1000UA.job
[2011/01/05 17:56:33 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/05 17:56:33 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/05 17:52:32 | 103,523,498 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2011/01/05 17:48:54 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/01/05 17:48:48 | 2360,848,384 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/05 17:31:34 | 001,755,372 | ---- | M] () -- C:\Users\acer\Desktop\delta201Setup.exe
[2011/01/05 13:06:00 | 000,000,852 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2606953984-242665712-442593332-1000Core.job
[2011/01/05 04:02:03 | 000,001,277 | ---- | M] () -- C:\Users\acer\Desktop\Amazing Adventures Special Edition Bundle.lnk
[2011/01/05 04:02:03 | 000,000,162 | ---- | M] () -- C:\Users\acer\Desktop\More SpinTop Games.url
[2011/01/05 00:37:05 | 000,547,019 | ---- | M] () -- C:\Users\acer\Desktop\data
[2011/01/04 12:58:14 | 000,000,366 | ---- | M] () -- C:\windows\tasks\Driver Robot.job
[2011/01/03 23:58:23 | 000,001,611 | ---- | M] () -- C:\Users\acer\Desktop\DivX Movies.lnk
[2011/01/03 23:40:21 | 002,661,254 | ---- | M] (Alexander Vigovsky ) -- C:\Users\acer\Desktop\ac3filter_1_63b.exe
[2011/01/01 23:54:09 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/01/01 23:54:07 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\drivers\AVG\incavi.avm
[2011/01/01 23:54:07 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/01/01 23:31:04 | 004,622,344 | ---- | M] (AVG Technologies) -- C:\Users\acer\Desktop\avg_free_stb_all_2011_1191_cnet.exe
[2011/01/01 21:22:28 | 000,001,940 | ---- | M] () -- C:\Users\acer\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/01/01 18:16:34 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\acer\Desktop\erunt-setup.exe
[2011/01/01 16:30:19 | 000,443,237 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2010/12/31 05:59:02 | 000,026,196 | ---- | M] () -- C:\Users\acer\Desktop\bookmarks-2010-12-31.json
[2010/12/30 22:56:19 | 000,002,310 | ---- | M] () -- C:\Users\acer\Desktop\Google Chrome.lnk
[2010/12/29 12:20:28 | 000,726,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2010/12/29 12:20:28 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2010/12/29 12:20:28 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2010/12/29 03:38:33 | 000,002,388 | ---- | M] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - acer.lnk
[2010/12/29 03:38:33 | 000,002,356 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - acer.lnk
[2010/12/28 18:50:11 | 000,002,078 | ---- | M] () -- C:\Users\Public\Desktop\CLEAR Connection Manager.lnk
[2010/12/27 23:54:07 | 000,168,738 | ---- | M] () -- C:\Users\acer\Desktop\99prblms
[2010/12/24 14:24:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\deployJava1.dll
[2010/12/24 14:24:30 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2010/12/24 14:24:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2010/12/24 14:24:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2010/12/23 11:09:10 | 000,428,403 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20110101-055459.backup
[2010/12/22 15:45:54 | 000,315,334 | ---- | M] () -- C:\Users\acer\Desktop\7picturesforyou.zip
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2010/12/20 02:35:04 | 000,083,655 | ---- | M] () -- C:\Users\acer\Desktop\turtle.jpg
[2010/12/20 02:33:21 | 000,519,205 | ---- | M] () -- C:\Users\acer\Desktop\turtle
[2010/12/19 17:31:49 | 000,427,737 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20101223-110910.backup
[2010/12/18 19:06:44 | 000,330,818 | ---- | M] () -- C:\Users\acer\Desktop\ragefix.jpg
[2010/12/15 03:09:26 | 000,343,576 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2010/12/15 03:03:04 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2010/12/12 21:58:55 | 000,275,312 | ---- | M] () -- C:\Users\acer\Desktop\rage.jpg
[2010/12/08 21:37:40 | 000,426,993 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20101219-173149.backup
[2010/12/08 04:12:36 | 000,308,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys
[36 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]
[1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/06 04:14:23 | 000,001,097 | ---- | C] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/01/06 04:14:23 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/05 17:52:32 | 103,523,498 | ---- | C] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2011/01/05 17:31:22 | 001,755,372 | ---- | C] () -- C:\Users\acer\Desktop\delta201Setup.exe
[2011/01/05 04:02:03 | 000,001,277 | ---- | C] () -- C:\Users\acer\Desktop\Amazing Adventures Special Edition Bundle.lnk
[2011/01/05 00:37:04 | 000,547,019 | ---- | C] () -- C:\Users\acer\Desktop\data
[2011/01/03 23:40:56 | 000,580,096 | ---- | C] () -- C:\windows\SysNative\ac3filter64.acm
[2011/01/03 23:40:56 | 000,497,664 | ---- | C] () -- C:\windows\SysWow64\ac3filter.acm
[2011/01/03 19:59:50 | 000,000,366 | ---- | C] () -- C:\windows\tasks\Driver Robot.job
[2011/01/01 23:54:09 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/01/01 23:54:07 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\drivers\AVG\incavi.avm
[2011/01/01 23:54:07 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/01/01 17:51:56 | 000,001,940 | ---- | C] () -- C:\Users\acer\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/12/31 05:59:02 | 000,026,196 | ---- | C] () -- C:\Users\acer\Desktop\bookmarks-2010-12-31.json
[2010/12/30 22:50:26 | 000,002,310 | ---- | C] () -- C:\Users\acer\Desktop\Google Chrome.lnk
[2010/12/29 03:38:33 | 000,002,388 | ---- | C] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - acer.lnk
[2010/12/29 03:38:32 | 000,002,356 | ---- | C] () -- C:\Users\Public\Desktop\WildTangent Games App - acer.lnk
[2010/12/28 18:50:22 | 000,000,144 | ---- | C] () -- C:\windows\SysNative\drivers\macxvi.cfg
[2010/12/28 18:50:11 | 000,002,078 | ---- | C] () -- C:\Users\Public\Desktop\CLEAR Connection Manager.lnk
[2010/12/27 23:54:04 | 000,168,738 | ---- | C] () -- C:\Users\acer\Desktop\99prblms
[2010/12/22 15:45:54 | 000,315,334 | ---- | C] () -- C:\Users\acer\Desktop\7picturesforyou.zip
[2010/12/20 02:35:02 | 000,083,655 | ---- | C] () -- C:\Users\acer\Desktop\turtle.jpg
[2010/12/20 02:33:18 | 000,519,205 | ---- | C] () -- C:\Users\acer\Desktop\turtle
[2010/12/15 14:26:14 | 000,330,818 | ---- | C] () -- C:\Users\acer\Desktop\ragefix.jpg
[2010/12/12 21:58:53 | 000,275,312 | ---- | C] () -- C:\Users\acer\Desktop\rage.jpg
[2010/11/28 16:30:44 | 000,000,096 | -HS- | C] () -- C:\windows\WSYS049.SYS
[2010/11/21 03:58:59 | 000,007,602 | ---- | C] () -- C:\Users\acer\AppData\Local\Resmon.ResmonCfg
[2010/11/16 13:01:07 | 000,348,160 | ---- | C] () -- C:\windows\SysWow64\LXDNinst.dll
[2010/11/16 13:01:07 | 000,335,872 | ---- | C] () -- C:\windows\SysWow64\lxdncomx.dll
[2010/06/14 06:23:18 | 000,626,688 | ---- | C] () -- C:\windows\Image.dll
[2010/06/14 06:23:18 | 000,000,323 | ---- | C] () -- C:\windows\PidList.ini
[2010/04/06 02:10:15 | 000,225,411 | ---- | C] () -- C:\windows\SysWow64\PosPrKpLib.dll
[2010/04/06 02:10:07 | 000,020,480 | ---- | C] () -- C:\windows\SysWow64\PosTickerLib.dll
[2009/12/22 12:07:06 | 000,007,902 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2007/11/20 16:02:39 | 000,782,336 | ---- | C] () -- C:\windows\SysWow64\lxdndrs.dll
[2007/11/20 15:44:48 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\lxdncaps.dll
[2007/10/02 14:51:09 | 000,069,632 | ---- | C] () -- C:\windows\SysWow64\lxdncnv4.dll
[2005/09/23 03:52:14 | 000,078,848 | ---- | C] () -- C:\windows\SysWow64\OneWay.dll
[2002/06/02 06:05:40 | 000,038,912 | ---- | C] () -- C:\windows\SysWow64\1Way.dll

========== LOP Check ==========

[2010/11/10 13:28:10 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Acer
[2010/12/19 16:28:35 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Anabel
[2011/01/01 23:55:37 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\AVG10
[2010/12/15 18:23:03 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Big Fish Games
[2010/11/11 18:08:39 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\eSobi
[2010/12/06 18:53:41 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Floodlight Games
[2010/12/05 21:32:15 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\FloodLightGames
[2010/11/10 13:40:15 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\ICAClient
[2010/11/10 13:28:09 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Leadertech
[2010/12/13 10:46:14 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Lexmark Productivity Studio
[2011/01/03 23:58:23 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Local
[2010/12/06 17:16:16 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\PlayFirst
[2010/12/05 21:29:52 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\SpinTop
[2011/01/05 04:02:35 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\SpinTop Games
[2011/01/01 16:27:53 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Tific
[2010/12/21 20:18:52 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Unity
[2011/01/04 12:58:14 | 000,000,366 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2009/07/13 21:08:49 | 000,023,996 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:F7DFDC37
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:169621D9
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:CDBFA5BD
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:8ADA53F6
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:F568DD7B
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:9B27D3A9
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:14859C24
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:F4F4A435
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:3325D6E9

< End of report >

jamper
2011-01-06, 13:35
OTL Extras logfile created on: 1/6/2011 4:20:53 AM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\acer\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220.78 Gb Total Space | 180.85 Gb Free Space | 81.91% Space Free | Partition Type: NTFS

Computer Name: ACER-PC | User Name: acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{077AA014-B568-4FF8-B360-9ACE1A1F4571}" = CLEAR Connection Manager
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{544974E3-D015-401C-900C-E5D137BC930E}" = AVG 2011
"{5DDF6B75-2369-4D52-9867-10EFD8878185}" = AVG 2011
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2011
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Lexmark 2600 Series" = Lexmark 2600 Series
"Lexmark Fax Solutions" = Lexmark Fax Solutions
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3C79DC59-6099-323B-B27B-90B45542B270}" = Google Talk Plugin
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Video Web Camera
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AAF89271-2594-468D-B578-96B2E30C41C4}" = eBay Worldwide
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"AC3Filter_is1" = AC3Filter 1.63b
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazing Adventures Special Edition Bundle" = Amazing Adventures Special Edition Bundle
"DivX Setup.divx.com" = DivX Setup
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Photo Pos Pro" = Photo Pos Pro
"WildTangent acer Master Uninstall" = Acer Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZoneAlarm" = ZoneAlarm

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Connect Add-in" = Adobe Connect Add-in
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/27/2010 3:19:15 PM | Computer Name = acer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/27/2010 3:19:15 PM | Computer Name = acer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/27/2010 3:19:15 PM | Computer Name = acer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/27/2010 3:19:15 PM | Computer Name = acer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/28/2010 11:01:05 AM | Computer Name = acer-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 12/28/2010 11:02:16 AM | Computer Name = acer-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 12/28/2010 11:02:20 AM | Computer Name = acer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/28/2010 11:02:20 AM | Computer Name = acer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/28/2010 11:02:20 AM | Computer Name = acer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 12/28/2010 11:02:20 AM | Computer Name = acer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 1/1/2011 9:59:18 PM | Computer Name = acer-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdnCATSCustConnectService
service to connect.

Error - 1/1/2011 9:59:18 PM | Computer Name = acer-PC | Source = Service Control Manager | ID = 7000
Description = The lxdnCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 1/2/2011 1:05:39 AM | Computer Name = acer-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdnCATSCustConnectService
service to connect.

Error - 1/2/2011 1:05:39 AM | Computer Name = acer-PC | Source = Service Control Manager | ID = 7000
Description = The lxdnCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 1/2/2011 2:46:21 AM | Computer Name = acer-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdnCATSCustConnectService
service to connect.

Error - 1/2/2011 2:46:21 AM | Computer Name = acer-PC | Source = Service Control Manager | ID = 7000
Description = The lxdnCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 1/2/2011 3:21:18 AM | Computer Name = acer-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdnCATSCustConnectService
service to connect.

Error - 1/2/2011 3:21:18 AM | Computer Name = acer-PC | Source = Service Control Manager | ID = 7000
Description = The lxdnCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 1/2/2011 3:26:27 AM | Computer Name = acer-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdnCATSCustConnectService
service to connect.

Error - 1/2/2011 3:26:27 AM | Computer Name = acer-PC | Source = Service Control Manager | ID = 7000
Description = The lxdnCATSCustConnectService service failed to start due to the
following error: %%1053


< End of report >

ken545
2011-01-06, 18:13
Not looking at anything bad on your logs.

Please run this free online virus scanner from ESET (http://www.eset.com/onlinescan/)

Note: You will need to use Internet Explorer for this scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked
Click Scan
Wait for the scan to finish
Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log as a reply to this topic

jamper
2011-01-07, 00:39
I ran ESET and there was 1 problem that was fixed, but it did not create a log file. I even ran it again to see if there was an option I missed, but I did not see anything. I tried Notepad but found nothing. Also, I did not see an option for Scan unwanted applications; the only options were delete and scan archives. I did check each of them.

ken545
2011-01-07, 01:12
Hi,


Run OTL.exe

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL



:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
[2010/12/23 11:09:10 | 000,428,403 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20110101-055459.backup
[2010/12/19 17:31:49 | 000,427,737 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20101223-110910.backup
[2010/12/08 21:37:40 | 000,426,993 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20101219-173149.backup

:Services

:Reg

:Files


:Commands
[purity]
[emptytemp]
[RESETHOSTS]
[start explorer]
[Reboot]

Then click the Run Fix button at the top ( Not Run Scan )
Let the program run unhindered, reboot when it is done
Then post the results of the log it produces.
Run a new scan and post the new log please


Let me know if this helped

jamper
2011-01-07, 02:57
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
C:\Windows\SysNative\drivers\etc\hosts.20110101-055459.backup moved successfully.
C:\Windows\SysNative\drivers\etc\hosts.20101223-110910.backup moved successfully.
C:\Windows\SysNative\drivers\etc\hosts.20101219-173149.backup moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: acer
->Temp folder emptied: 8302415 bytes
->Temporary Internet Files folder emptied: 14663900 bytes
->Java cache emptied: 243914 bytes
->FireFox cache emptied: 54892452 bytes
->Google Chrome cache emptied: 33062701 bytes
->Flash cache emptied: 8026541 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 11222016 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3317520 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67630 bytes
RecycleBin emptied: 11464 bytes

Total Files Cleaned = 128.00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.20.1 log created on 01062011_175117

Files\Folders moved on Reboot...
C:\Users\acer\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\acer\AppData\Local\Temp\~DF4BDB6D35DDB490B0.TMP moved successfully.
File\Folder C:\windows\temp\ZLT01b39.TMP not found!

Registry entries deleted on Reboot...

ken545
2011-01-07, 03:29
Run a new scan and post the new log please


Please run this free online virus scanner from ESET (http://www.eset.com/onlinescan/)

Note: You will need to use Internet Explorer for this scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked
Click Scan
Wait for the scan to finish
Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log as a reply to this topic

jamper
2011-01-07, 03:48
It seems to be running smoother; I guess it was just that one problem. Here are the new scan results.

OTL logfile created on: 1/6/2011 5:58:05 PM - Run 2
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\acer\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 220.78 Gb Total Space | 181.06 Gb Free Space | 82.01% Space Free | Partition Type: NTFS

Computer Name: ACER-PC | User Name: acer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\acer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe (ClearwireCM)
PRC - C:\Program Files (x86)\Clearwire\Connection Manager\RcAppSvc.exe (SmithMicro Inc.)
PRC - C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe ()
PRC - C:\Program Files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe (SmithMicro Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
PRC - C:\Program Files (x86)\Lexmark 2600 Series\lxdnmsdmon.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Windows\PLFSetI.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\acer\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (Updater Service) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV:64bit: - (lxdn_device) -- C:\windows\SysNative\lxdncoms.exe ( )
SRV:64bit: - (lxdnCATSCustConnectService) -- C:\windows\SysNative\spool\DRIVERS\x64\3\\lxdnserv.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (vsmon) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (CLEARWIRERcAppSvc) -- C:\Program Files (x86)\Clearwire\Connection Manager\RcAppSvc.exe (SmithMicro Inc.)
SRV - (SMSI Device Launch Service) -- C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe ()
SRV - (CACLEARWIRE) -- C:\Program Files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe (SmithMicro Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (NTISchedulerSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (NewTech Infosystems, Inc.)
SRV - (NTIBackupSvc) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (lxdn_device) -- C:\windows\SysWow64\lxdncoms.exe ( )


========== Driver Services (SafeList) ==========

DRV:64bit: - (USBCCID) -- C:\windows\SysNative\DRIVERS\RtsUCcid.sys File not found
DRV:64bit: - (RtsUIR) -- C:\windows\SysNative\DRIVERS\Rts516xIR.sys File not found
DRV:64bit: - (RSUSBSTOR) -- C:\windows\SysNative\Drivers\RtsUStor.sys File not found
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (PCTINDIS5X64) -- C:\Windows\SysNative\PCTINDIS5X64.sys (Smith Micro Inc.)
DRV:64bit: - (bcmbusctr) -- C:\Windows\SysNative\drivers\BcmBusCtr_64.sys (Beceem communications pvt ltd.)
DRV:64bit: - (bcm) -- C:\Windows\SysNative\drivers\drxvi314_64.sys (Beceem communications pvt ltd.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (DKbFltr) Dritek Keyboard Filter Driver (64-bit) -- C:\windows\SysWOW64\Drivers\DKbFltr.sys (Dritek System Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a425l0354z1l5t48k2x849
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://ctx.centurylink.com/Citrix/MetaFrame/auth/login.aspx
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?client=firefox-a&rls=org.mozilla:en-US:official&channel=s&hl=en&source=hp&btnG=Google+Search"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.0
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: My-Translator@eugenche.com:0.2.3
FF - prefs.js..extensions.enabledItems: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: isreaditlater@ideashower.com:2.1.1
FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.70.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2011/01/01 23:53:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/01/03 23:58:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/01/03 23:58:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/01 12:41:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/01/04 19:08:22 | 000,000,000 | ---D | M]

[2010/11/10 12:41:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\Mozilla\Extensions
[2011/01/06 06:28:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions
[2010/11/10 12:47:02 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010/11/27 19:16:29 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/11/26 18:39:13 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
[2010/12/23 20:02:42 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/01/03 04:39:49 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010/11/10 12:47:02 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/11/16 21:53:32 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2011/01/06 06:28:52 | 000,000,000 | ---D | M] (Read It Later) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\isreaditlater@ideashower.com
[2010/11/26 18:39:13 | 000,000,000 | ---D | M] (My-Translator) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\My-Translator@eugenche.com
[2011/01/01 23:19:59 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\support@lastpass.com
[2010/11/10 12:47:01 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\dde4ziro.default\extensions\tineye@ideeinc.com
[2010/12/24 14:24:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/24 14:24:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/01/01 23:53:48 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX
[2011/01/03 23:58:20 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011/01/03 23:58:21 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2010/12/24 14:24:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/01/06 17:52:14 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxdnamon] C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe ()
O4:64bit: - HKLM..\Run: [lxdnmon.exe] C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe ()
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Clearwire Connection Manager] C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe (ClearwireCM)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {03A89EFD-E023-A200-A22D-45F77558EB4C} https://content10.ilinc.com/download/AXCltInstall.dll (Reg Error: Key error.)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Annabel/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Agatha%20Christie/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.233.169.12 64.13.115.12
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2e6d5d3c-ef32-11de-b4ef-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Start.exe -- File not found
O33 - MountPoints2\{2e6d5d3c-ef32-11de-b4ef-806e6f6e6963}\Shell\Install\Command - "" = D:\Start.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/06 17:51:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/01/06 04:14:42 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Malwarebytes
[2011/01/06 04:14:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\acer\Desktop\OTL.exe
[2011/01/06 04:14:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2011/01/06 04:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/06 04:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/01/06 04:14:18 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011/01/06 04:14:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/01/06 04:13:08 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\acer\Desktop\mbam-setup-1.50.1.1100.exe
[2011/01/06 04:12:02 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\acer\Desktop\ATF-Cleaner.exe
[2011/01/05 17:32:20 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Delta
[2011/01/05 17:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delta
[2011/01/05 17:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
[2011/01/05 16:52:50 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\CrashDumps
[2011/01/05 04:02:03 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazing Adventures Special Edition Bundle
[2011/01/05 04:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazing Adventures Special Edition Bundle
[2011/01/04 19:56:58 | 000,000,000 | ---D | C] -- C:\Users\acer\Documents\fceux-2.0.0.win32
[2011/01/04 19:40:58 | 000,000,000 | ---D | C] -- C:\Users\acer\Documents\snes9x-1.52-win32
[2011/01/03 23:58:23 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Local
[2011/01/03 23:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter
[2011/01/03 23:40:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AC3Filter
[2011/01/03 23:38:16 | 002,661,254 | ---- | C] (Alexander Vigovsky ) -- C:\Users\acer\Desktop\ac3filter_1_63b.exe
[2011/01/03 19:59:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Robot
[2011/01/02 00:21:42 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/01/01 23:55:37 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\AVG10
[2011/01/01 23:54:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/01/01 23:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/01/01 23:54:07 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\drivers\AVG
[2011/01/01 23:53:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011/01/01 23:53:45 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\AVG
[2011/01/01 23:53:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2011/01/01 23:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/01/01 23:30:07 | 004,622,344 | ---- | C] (AVG Technologies) -- C:\Users\acer\Desktop\avg_free_stb_all_2011_1191_cnet.exe
[2011/01/01 18:20:35 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2011/01/01 18:16:34 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\acer\Desktop\erunt-setup.exe
[2011/01/01 16:27:53 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Tific
[2011/01/01 15:34:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011/01/01 13:03:08 | 000,000,000 | ---D | C] -- C:\Users\acer\Documents\Symantec
[2011/01/01 04:44:46 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\ElevatedDiagnostics
[2010/12/30 22:50:22 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2010/12/29 19:41:59 | 000,000,000 | ---D | C] -- C:\Users\acer\Desktop\7picturesforyou
[2010/12/29 03:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WildTangent Games
[2010/12/28 18:50:56 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\Clearwire
[2010/12/28 18:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skyhook Wireless
[2010/12/28 18:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clearwire
[2010/12/28 18:50:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PctelEapPeer Authentication
[2010/12/28 18:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Clearwire
[2010/12/28 18:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Clearwire
[2010/12/24 14:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/12/24 14:24:47 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2010/12/24 14:24:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2010/12/24 14:24:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2010/12/24 14:24:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010/12/21 20:18:52 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Unity
[2010/12/21 19:58:34 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\Unity
[2010/12/19 16:28:35 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Anabel
[2010/12/19 16:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Annabel
[2010/12/15 18:23:03 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Big Fish Games
[2010/12/15 18:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azada
[2010/12/15 14:09:04 | 000,000,000 | ---D | C] -- C:\Users\acer\Desktop\New folder
[2010/12/15 03:01:51 | 000,000,000 | -HSD | C] -- C:\windows\SysWow64\%APPDATA%
[2010/12/14 13:53:48 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2010/12/14 13:53:48 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmicmiplugin.dll
[2010/12/14 13:53:48 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2010/12/14 13:53:48 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2010/12/14 13:53:48 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2010/12/14 13:53:48 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskcomp.dll
[2010/12/14 13:53:48 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2010/12/14 13:53:48 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schtasks.exe
[2010/12/14 13:53:46 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2010/12/14 13:53:46 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2010/12/14 13:53:46 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2010/12/14 13:53:46 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2010/12/14 13:53:44 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2010/12/14 13:53:44 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2010/12/14 13:53:42 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2010/12/14 13:53:33 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2010/12/14 13:53:32 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeeds.dll
[2010/12/14 13:53:32 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2010/12/14 13:53:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2010/12/14 13:53:32 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2010/12/14 13:53:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2010/12/14 13:53:31 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2010/12/14 13:53:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2010/12/14 13:53:30 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2010/12/14 13:53:30 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2010/12/14 13:53:30 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2010/12/14 13:53:30 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2010/12/14 13:53:30 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2010/12/14 13:53:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2010/12/13 10:46:14 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\Lexmark Productivity Studio
[2010/12/10 00:40:11 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Roaming\SpinTop Games
[2010/12/09 00:15:47 | 000,000,000 | ---D | C] -- C:\Users\acer\AppData\Local\STARGAZE_IMAGE_CACHE
[2010/12/09 00:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alabama Smith in Escape from Pompeii
[2010/12/08 04:12:36 | 000,308,304 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys
[2010/11/16 13:01:06 | 000,364,544 | ---- | C] ( ) -- C:\windows\SysWow64\lxdninpa.dll
[2010/11/16 13:01:06 | 000,339,968 | ---- | C] ( ) -- C:\windows\SysWow64\lxdniesc.dll
[2010/11/16 13:01:05 | 000,647,168 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnpmui.dll
[2010/11/16 13:01:04 | 000,843,776 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnusb1.dll
[2010/11/16 13:01:03 | 001,101,824 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnserv.dll
[2010/11/16 13:01:03 | 000,569,344 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnlmpm.dll
[2010/11/16 13:01:03 | 000,053,248 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnprox.dll
[2010/11/16 13:01:02 | 000,851,968 | ---- | C] ( ) -- C:\windows\SysWow64\lxdncomc.dll
[2010/11/16 13:01:02 | 000,663,552 | ---- | C] ( ) -- C:\windows\SysWow64\lxdnhbn3.dll
[2010/11/16 13:01:02 | 000,376,832 | ---- | C] ( ) -- C:\windows\SysWow64\lxdncomm.dll
[1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/06 18:01:21 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/06 18:01:21 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/06 17:53:16 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/01/06 17:53:06 | 2360,848,384 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/06 17:52:14 | 000,000,098 | ---- | M] () -- C:\windows\SysNative\drivers\etc\Hosts
[2011/01/06 17:13:51 | 103,631,880 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2011/01/06 17:06:00 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2606953984-242665712-442593332-1000UA.job
[2011/01/06 13:06:00 | 000,000,852 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2606953984-242665712-442593332-1000Core.job
[2011/01/06 06:35:47 | 000,529,265 | ---- | M] () -- C:\Users\acer\Desktop\epsxe170.zip
[2011/01/06 04:14:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\acer\Desktop\OTL.exe
[2011/01/06 04:14:23 | 000,001,097 | ---- | M] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/01/06 04:14:23 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/06 04:13:32 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\acer\Desktop\mbam-setup-1.50.1.1100.exe
[2011/01/06 04:12:02 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\acer\Desktop\ATF-Cleaner.exe
[2011/01/05 17:31:34 | 001,755,372 | ---- | M] () -- C:\Users\acer\Desktop\delta201Setup.exe
[2011/01/05 04:02:03 | 000,001,277 | ---- | M] () -- C:\Users\acer\Desktop\Amazing Adventures Special Edition Bundle.lnk
[2011/01/05 04:02:03 | 000,000,162 | ---- | M] () -- C:\Users\acer\Desktop\More SpinTop Games.url
[2011/01/05 00:37:05 | 000,547,019 | ---- | M] () -- C:\Users\acer\Desktop\data
[2011/01/04 12:58:14 | 000,000,366 | ---- | M] () -- C:\windows\tasks\Driver Robot.job
[2011/01/03 23:58:23 | 000,001,611 | ---- | M] () -- C:\Users\acer\Desktop\DivX Movies.lnk
[2011/01/03 23:40:21 | 002,661,254 | ---- | M] (Alexander Vigovsky ) -- C:\Users\acer\Desktop\ac3filter_1_63b.exe
[2011/01/01 23:54:09 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/01/01 23:54:07 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\drivers\AVG\incavi.avm
[2011/01/01 23:54:07 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/01/01 23:31:04 | 004,622,344 | ---- | M] (AVG Technologies) -- C:\Users\acer\Desktop\avg_free_stb_all_2011_1191_cnet.exe
[2011/01/01 21:22:28 | 000,001,940 | ---- | M] () -- C:\Users\acer\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/01/01 18:16:34 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\acer\Desktop\erunt-setup.exe
[2010/12/31 05:59:02 | 000,026,196 | ---- | M] () -- C:\Users\acer\Desktop\bookmarks-2010-12-31.json
[2010/12/30 22:56:19 | 000,002,310 | ---- | M] () -- C:\Users\acer\Desktop\Google Chrome.lnk
[2010/12/29 12:20:28 | 000,726,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2010/12/29 12:20:28 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2010/12/29 12:20:28 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2010/12/29 03:38:33 | 000,002,388 | ---- | M] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - acer.lnk
[2010/12/29 03:38:33 | 000,002,356 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - acer.lnk
[2010/12/28 18:50:11 | 000,002,078 | ---- | M] () -- C:\Users\Public\Desktop\CLEAR Connection Manager.lnk
[2010/12/27 23:54:07 | 000,168,738 | ---- | M] () -- C:\Users\acer\Desktop\99prblms
[2010/12/24 14:24:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\deployJava1.dll
[2010/12/24 14:24:30 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2010/12/24 14:24:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2010/12/24 14:24:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2010/12/22 15:45:54 | 000,315,334 | ---- | M] () -- C:\Users\acer\Desktop\7picturesforyou.zip
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2010/12/20 02:35:04 | 000,083,655 | ---- | M] () -- C:\Users\acer\Desktop\turtle.jpg
[2010/12/20 02:33:21 | 000,519,205 | ---- | M] () -- C:\Users\acer\Desktop\turtle
[2010/12/18 19:06:44 | 000,330,818 | ---- | M] () -- C:\Users\acer\Desktop\ragefix.jpg
[2010/12/15 03:09:26 | 000,343,576 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2010/12/15 03:03:04 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Works.lnk
[2010/12/12 21:58:55 | 000,275,312 | ---- | M] () -- C:\Users\acer\Desktop\rage.jpg
[2010/12/08 04:12:36 | 000,308,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\windows\SysNative\drivers\avgldx64.sys
[1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/06 17:13:51 | 103,631,880 | ---- | C] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2011/01/06 06:35:45 | 000,529,265 | ---- | C] () -- C:\Users\acer\Desktop\epsxe170.zip
[2011/01/06 04:14:23 | 000,001,097 | ---- | C] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/01/06 04:14:23 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/05 17:31:22 | 001,755,372 | ---- | C] () -- C:\Users\acer\Desktop\delta201Setup.exe
[2011/01/05 04:02:03 | 000,001,277 | ---- | C] () -- C:\Users\acer\Desktop\Amazing Adventures Special Edition Bundle.lnk
[2011/01/05 00:37:04 | 000,547,019 | ---- | C] () -- C:\Users\acer\Desktop\data
[2011/01/03 23:40:56 | 000,580,096 | ---- | C] () -- C:\windows\SysNative\ac3filter64.acm
[2011/01/03 23:40:56 | 000,497,664 | ---- | C] () -- C:\windows\SysWow64\ac3filter.acm
[2011/01/03 19:59:50 | 000,000,366 | ---- | C] () -- C:\windows\tasks\Driver Robot.job
[2011/01/01 23:54:09 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/01/01 23:54:07 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\drivers\AVG\incavi.avm
[2011/01/01 23:54:07 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/01/01 17:51:56 | 000,001,940 | ---- | C] () -- C:\Users\acer\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/12/31 05:59:02 | 000,026,196 | ---- | C] () -- C:\Users\acer\Desktop\bookmarks-2010-12-31.json
[2010/12/30 22:50:26 | 000,002,310 | ---- | C] () -- C:\Users\acer\Desktop\Google Chrome.lnk
[2010/12/29 03:38:33 | 000,002,388 | ---- | C] () -- C:\Users\acer\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - acer.lnk
[2010/12/29 03:38:32 | 000,002,356 | ---- | C] () -- C:\Users\Public\Desktop\WildTangent Games App - acer.lnk
[2010/12/28 18:50:22 | 000,000,144 | ---- | C] () -- C:\windows\SysNative\drivers\macxvi.cfg
[2010/12/28 18:50:11 | 000,002,078 | ---- | C] () -- C:\Users\Public\Desktop\CLEAR Connection Manager.lnk
[2010/12/27 23:54:04 | 000,168,738 | ---- | C] () -- C:\Users\acer\Desktop\99prblms
[2010/12/22 15:45:54 | 000,315,334 | ---- | C] () -- C:\Users\acer\Desktop\7picturesforyou.zip
[2010/12/20 02:35:02 | 000,083,655 | ---- | C] () -- C:\Users\acer\Desktop\turtle.jpg
[2010/12/20 02:33:18 | 000,519,205 | ---- | C] () -- C:\Users\acer\Desktop\turtle
[2010/12/15 14:26:14 | 000,330,818 | ---- | C] () -- C:\Users\acer\Desktop\ragefix.jpg
[2010/12/12 21:58:53 | 000,275,312 | ---- | C] () -- C:\Users\acer\Desktop\rage.jpg
[2010/11/28 16:30:44 | 000,000,096 | -HS- | C] () -- C:\windows\WSYS049.SYS
[2010/11/21 03:58:59 | 000,007,602 | ---- | C] () -- C:\Users\acer\AppData\Local\Resmon.ResmonCfg
[2010/11/16 13:01:07 | 000,348,160 | ---- | C] () -- C:\windows\SysWow64\LXDNinst.dll
[2010/11/16 13:01:07 | 000,335,872 | ---- | C] () -- C:\windows\SysWow64\lxdncomx.dll
[2010/06/14 06:23:18 | 000,626,688 | ---- | C] () -- C:\windows\Image.dll
[2010/06/14 06:23:18 | 000,000,323 | ---- | C] () -- C:\windows\PidList.ini
[2010/04/06 02:10:15 | 000,225,411 | ---- | C] () -- C:\windows\SysWow64\PosPrKpLib.dll
[2010/04/06 02:10:07 | 000,020,480 | ---- | C] () -- C:\windows\SysWow64\PosTickerLib.dll
[2009/12/22 12:07:06 | 000,007,902 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe3.log
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2007/11/20 16:02:39 | 000,782,336 | ---- | C] () -- C:\windows\SysWow64\lxdndrs.dll
[2007/11/20 15:44:48 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\lxdncaps.dll
[2007/10/02 14:51:09 | 000,069,632 | ---- | C] () -- C:\windows\SysWow64\lxdncnv4.dll
[2005/09/23 03:52:14 | 000,078,848 | ---- | C] () -- C:\windows\SysWow64\OneWay.dll
[2002/06/02 06:05:40 | 000,038,912 | ---- | C] () -- C:\windows\SysWow64\1Way.dll

========== LOP Check ==========

[2010/11/10 13:28:10 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Acer
[2010/12/19 16:28:35 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Anabel
[2011/01/01 23:55:37 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\AVG10
[2010/12/15 18:23:03 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Big Fish Games
[2010/11/11 18:08:39 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\eSobi
[2010/12/06 18:53:41 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Floodlight Games
[2010/12/05 21:32:15 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\FloodLightGames
[2010/11/10 13:40:15 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\ICAClient
[2010/11/10 13:28:09 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Leadertech
[2010/12/13 10:46:14 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Lexmark Productivity Studio
[2011/01/03 23:58:23 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Local
[2010/12/06 17:16:16 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\PlayFirst
[2010/12/05 21:29:52 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\SpinTop
[2011/01/05 04:02:35 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\SpinTop Games
[2011/01/01 16:27:53 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Tific
[2010/12/21 20:18:52 | 000,000,000 | ---D | M] -- C:\Users\acer\AppData\Roaming\Unity
[2011/01/04 12:58:14 | 000,000,366 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2009/07/13 21:08:49 | 000,024,742 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:F7DFDC37
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:169621D9
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:CDBFA5BD
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:8ADA53F6
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:F568DD7B
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:9B27D3A9
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:14859C24
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:F4F4A435
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:3325D6E9

< End of report >

ken545
2011-01-07, 11:00
Looking Good,

Open OTL and click on Cleanup and it will remove the tools we used to clean your system.




How did I get infected in the first place?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/So_how_did_I_get_infected_in_the_first_place_t57817.html)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)




Safe Surfn
Ken

jamper
2011-01-08, 04:19
OK, Done. Thank You for your help.

ken545
2011-01-08, 12:52
You're very welcome,

Take care,
Ken :)

ken545
2011-01-11, 10:24
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.