Jump to content

Recommended Posts

Please help my dads computer was recently infected with trojans.

I've manged to remove them but i think its left something behind malwarebytes comes back as no malware found but i'm getting redireced when i use google to various other sites.

Malwarebytes protection module keeps popping up that these i.p's have been blocked:

IP-BLOCK 188.40.164.210

22:07:51 Gerald IP-BLOCK 188.40.164.210

22:08:01 Gerald IP-BLOCK 188.40.164.210

22:08:21 Gerald IP-BLOCK 188.40.164.211

22:08:21 Gerald IP-BLOCK 188.40.164.211

22:08:31 Gerald IP-BLOCK 188.40.164.211

22:09:01 Gerald IP-BLOCK 91.212.226.33

22:09:01 Gerald IP-BLOCK 91.212.226.33

22:09:12 Gerald IP-BLOCK 91.212.226.33

22:09:22 Gerald IP-BLOCK 91.212.226.33

22:09:32 Gerald IP-BLOCK 91.212.226.33

22:09:32 Gerald IP-BLOCK 188.40.164.210

22:09:32 Gerald IP-BLOCK 188.40.164.210

22:09:32 Gerald IP-BLOCK 91.212.226.33

22:09:42 Gerald IP-BLOCK 188.40.164.210

22:09:52 Gerald IP-BLOCK 188.40.164.211

22:09:52 Gerald IP-BLOCK 188.40.164.211

22:10:02 Gerald IP-BLOCK 188.40.164.211

22:11:33 Gerald IP-BLOCK 94.228.209.171

22:11:33 Gerald IP-BLOCK 94.228.209.171

22:11:43 Gerald IP-BLOCK 94.228.209.171

22:14:43 Gerald IP-BLOCK 91.212.226.33

22:14:53 Gerald IP-BLOCK 91.212.226.33

22:14:53 Gerald IP-BLOCK 91.212.226.33

22:15:03 Gerald IP-BLOCK 91.212.226.33

22:15:13 Gerald IP-BLOCK 91.212.226.33

22:15:13 Gerald IP-BLOCK 91.212.226.33

22:16:14 Gerald IP-BLOCK 188.40.164.210

22:16:14 Gerald IP-BLOCK 188.40.164.210

22:16:24 Gerald IP-BLOCK 188.40.164.210

22:16:34 Gerald IP-BLOCK 188.40.164.211

22:16:34 Gerald IP-BLOCK 188.40.164.211

22:16:44 Gerald IP-BLOCK 188.40.164.211

22:20:25 Gerald IP-BLOCK 91.212.226.33

22:20:35 Gerald IP-BLOCK 91.212.226.33

22:20:35 Gerald IP-BLOCK 91.212.226.33

22:20:45 Gerald IP-BLOCK 91.212.226.33

22:20:55 Gerald IP-BLOCK 91.212.226.33

22:20:55 Gerald IP-BLOCK 91.212.226.33

22:22:46 Gerald IP-BLOCK 94.228.209.171

22:22:56 Gerald IP-BLOCK 94.228.209.171

22:22:56 Gerald IP-BLOCK 94.228.209.171

22:26:07 Gerald IP-BLOCK 91.212.226.33

22:26:17 Gerald IP-BLOCK 91.212.226.33

22:26:17 Gerald IP-BLOCK 91.212.226.33

22:26:37 Gerald IP-BLOCK 91.212.226.33

22:26:37 Gerald IP-BLOCK 91.212.226.33

22:26:37 Gerald IP-BLOCK 91.212.226.33

22:31:58 Gerald IP-BLOCK 91.212.226.33

22:31:58 Gerald IP-BLOCK 91.212.226.33

22:31:58 Gerald IP-BLOCK 91.212.226.33

22:32:18 Gerald IP-BLOCK 91.212.226.33

22:32:18 Gerald IP-BLOCK 91.212.226.33

22:32:18 Gerald IP-BLOCK 91.212.226.33

please help ive tried everything i'm a novice at this so the simpler the instructions the better.

thanks in advance

mick

Link to post
Share on other sites

Here are my OTL results i think the problem is similar to the redirect issues been suffered by other members.

OTL logfile created on: 15/02/2010 11:30:16 - Run 1

OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\Gerald\Desktop

Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free

6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 139.15 Gb Total Space | 94.99 Gb Free Space | 68.27% Space Free | Partition Type: NTFS

Drive D: | 142.94 Gb Total Space | 130.98 Gb Free Space | 91.63% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: GERALD-PC-HOME

Current User Name: Gerald

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Gerald\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe (Symantec Corporation)

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)

PRC - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)

PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)

PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)

PRC - C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia)

PRC - C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe ()

PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)

PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()

PRC - C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()

PRC - C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe ()

PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)

PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)

PRC - C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()

PRC - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)

PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)

PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()

PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()

PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)

PRC - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe ()

PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)

PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

PRC - C:\BHROOT\BIN\DBMANG.EXE (Bell & Howell)

PRC - C:\BHROOT\BIN\PORTMAP.EXE (Bell & Howell)

PRC - C:\BHROOT\BIN\NT611SVC.EXE (Bell& Howell)

PRC - C:\BHROOT\BIN\MONITOR.EXE (Bell & Howell)

PRC - C:\Program Files\cosids\bin\tbmux32.exe (TransAction Software, D 81737 Munich)

========== Modules (SafeList) ==========

MOD - C:\Users\Gerald\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)

MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)

MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (N360) -- C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe (Symantec Corporation)

SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()

SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)

SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)

SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)

SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)

SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)

SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)

SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)

SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)

SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)

SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)

SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)

SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)

SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)

SRV - (gupdate1c9e7a49d6cbc4e) Google Update Service (gupdate1c9e7a49d6cbc4e) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)

SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)

SRV - (odserv) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)

SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)

SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()

SRV - (Acer HomeMedia Connect Service) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)

SRV - (NTIBackupSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)

SRV - (NTISchedulerSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()

SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)

SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)

SRV - (LightScribeService) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (dbmang) -- C:\BHROOT\BIN\DBMANG.EXE (Bell & Howell)

SRV - (portmapper) -- C:\BHROOT\BIN\PORTMAP.EXE (Bell & Howell)

SRV - (bh611) -- C:\BHROOT\BIN\NT611SVC.EXE (Bell& Howell)

SRV - (BHMonitorService) -- C:\BHROOT\BIN\MONITOR.EXE (Bell & Howell)

SRV - (COSIDS_TB) -- C:\Program Files\cosids\bin\tbmux32.exe (TransAction Software, D 81737 Munich)

SRV - (SuperProServer) -- C:\Windows\System32\spnsrvnt.exe (Rainbow Technologies)

SRV - (TIS 2000 Apache Web Server) -- C:\Program Files\cosids\Apache Group\Apache\ApchT2kW.exe ()

========== Driver Services (SafeList) ==========

DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)

DRV - (ccHP) -- C:\Windows\System32\Drivers\N360\0308000.029\ccHPx86.sys (Symantec Corporation)

DRV - (SymEFA) -- C:\Windows\system32\drivers\N360\0308000.029\SYMEFA.SYS (Symantec Corporation)

DRV - (SRTSP) -- C:\Windows\System32\Drivers\N360\0308000.029\SRTSP.SYS (Symantec Corporation)

DRV - (BHDrvx86) -- C:\Windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys (Symantec Corporation)

DRV - (SYMTDI) -- C:\Windows\System32\Drivers\N360\0308000.029\SYMTDI.SYS (Symantec Corporation)

DRV - (SYMFW) -- C:\Windows\System32\Drivers\N360\0308000.029\SYMFW.SYS (Symantec Corporation)

DRV - (SYMNDISV) -- C:\Windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS (Symantec Corporation)

DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\N360\0308000.029\SRTSPX.SYS (Symantec Corporation)

DRV - (GEARAspiWDM) -- C:\Windows\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)

DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100214.021\NAVEX15.SYS (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100214.021\NAVENG.SYS (Symantec Corporation)

DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)

DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100210.001\IDSvix86.sys (Symantec Corporation)

DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)

DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)

DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)

DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)

DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)

DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)

DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)

DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)

DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)

DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)

DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)

DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)

DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)

DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)

DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)

DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)

DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)

DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)

DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)

DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)

DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)

DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)

DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)

DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)

DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)

DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)

DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)

DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)

DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)

DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)

DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)

DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)

DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)

DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)

DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)

DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)

DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)

DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)

DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)

DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)

DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)

DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)

DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)

DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)

DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)

DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)

DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)

DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)

DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)

DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)

DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)

DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)

DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)

DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)

DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)

DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)

DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)

DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)

DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)

DRV - (VBoxUSBMon) -- C:\Windows\System32\drivers\VBoxUSBMon.sys (Sun Microsystems, Inc.)

DRV - (VBoxDrv) -- C:\Windows\System32\drivers\VBoxDrv.sys ()

DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)

DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)

DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)

DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)

DRV - (tvicport) -- C:\Windows\System32\drivers\TVicPort.sys (EnTech Taiwan)

DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)

DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)

DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)

DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)

DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)

DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...;m=aspire_x1700

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://o2.co.uk/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 04 3B 4B 54 AB CA 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/11/27 15:18:08 | 000,000,000 | ---D | M]

[2009/11/27 15:24:48 | 000,000,000 | ---D | M] -- C:\Users\Gerald\AppData\Roaming\Mozilla\Extensions

[2009/08/18 10:12:34 | 000,000,000 | ---D | M] -- C:\Users\Gerald\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com

O1 HOSTS File: ([2010/02/11 19:11:13 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [bkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)

O4 - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Lau File not found

O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)

O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)

O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)

O4 - HKCU..\Run: [] File not found

O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)

O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)

O4 - HKCU..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)

O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0...heckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {4E62C4DE-627D-4604-B157-4B7D6B09F02E} https://moneymanager.egg.com/Pinsafe/accounttracking.cab (Egg Money Manager Digital Safe)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/...all-131-win.cab (Java Plug-in 1.3.1)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img33.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img33.jpg

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 21:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{b5440e8f-58c3-11db-b4d0-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{b5440e8f-58c3-11db-b4d0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\SmartAccess\bcont.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/15 11:27:45 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Users\Gerald\Desktop\OTL.exe

[2010/02/15 09:37:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2010/02/14 19:00:48 | 000,000,000 | ---D | C] -- C:\Users\Gerald\AppData\Local\Symantec

[2010/02/14 17:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec

[2010/02/13 20:24:25 | 000,217,136 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symtdi.sys

[2010/02/13 20:24:25 | 000,048,688 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symndisv.sys

[2010/02/13 20:24:25 | 000,036,400 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symndis.sys

[2010/02/13 20:24:25 | 000,033,072 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symids.sys

[2010/02/13 20:24:24 | 000,482,432 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\cchpx86.sys

[2010/02/13 20:24:24 | 000,310,320 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.sys

[2010/02/13 20:24:24 | 000,308,272 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.sys

[2010/02/13 20:24:24 | 000,259,632 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.sys

[2010/02/13 20:24:24 | 000,089,904 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symfw.sys

[2010/02/13 20:24:24 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.sys

[2010/02/13 20:23:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0308000.029

[2010/02/13 18:45:09 | 000,000,000 | ---D | C] -- C:\Users\Gerald\Documents\Symantec

[2010/02/13 18:37:14 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll

[2010/02/13 18:37:14 | 000,026,600 | R--- | C] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys

[2010/02/13 18:37:12 | 000,025,648 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SymIMV.sys

[2010/02/13 18:37:08 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS

[2010/02/13 18:37:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2010/02/13 18:37:07 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec

[2010/02/13 18:36:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360

[2010/02/13 18:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360

[2010/02/13 18:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2010/02/13 18:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2010/02/13 18:36:22 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller

[2010/02/13 15:50:46 | 000,000,000 | ---D | C] -- C:\Users\Gerald\Desktop\OPCOM

[2010/02/13 12:16:33 | 000,000,000 | ---D | C] -- C:\PowerCinema

[2010/02/12 19:30:12 | 000,000,000 | ---D | C] -- C:\Users\Gerald\AppData\Roaming\SUPERAntiSpyware.com

[2010/02/12 19:17:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2010/02/12 19:17:31 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2010/02/12 08:24:39 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2010/02/11 19:10:18 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group

[2010/02/11 18:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2010/02/11 09:09:39 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2010/02/11 09:09:39 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll

[2010/02/11 09:09:39 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll

[2010/02/11 09:09:26 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll

[2010/02/11 09:09:26 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll

[2010/02/11 09:09:26 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe

[2010/02/11 09:09:26 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe

[2010/02/11 09:09:26 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe

[2010/02/11 09:09:26 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll

[2010/02/11 09:09:26 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll

[2010/02/11 09:09:25 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe

[2010/02/01 16:59:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero

[2010/01/31 17:10:55 | 000,000,000 | -HSD | C] -- C:\Users\Gerald\AppData\Roaming\lowsec

[2010/01/31 17:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\O2_Installer

[2010/01/27 13:21:41 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2010/01/25 16:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage

[2010/01/25 16:21:57 | 000,000,000 | ---D | C] -- C:\Users\Gerald\Office Genuine Advantage

[2010/01/22 11:16:59 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010/01/22 11:16:58 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010/01/17 16:30:45 | 000,000,000 | R--D | C] -- C:\Users\Gerald\Documents\Scanned Documents

[2008/08/17 09:03:54 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2010/02/15 11:32:09 | 004,456,448 | -HS- | M] () -- C:\Users\Gerald\ntuser.dat

[2010/02/15 11:27:49 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Gerald\Desktop\OTL.exe

[2010/02/15 11:20:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/02/15 10:44:11 | 000,010,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/02/15 10:44:11 | 000,010,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/02/15 10:37:42 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/02/15 10:37:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010/02/15 10:36:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/02/15 10:36:41 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys

[2010/02/15 10:27:35 | 001,788,262 | -H-- | M] () -- C:\Users\Gerald\AppData\Local\IconCache.db

[2010/02/15 09:20:46 | 000,940,456 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\Cat.DB

[2010/02/13 20:49:28 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2010/02/13 20:23:51 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\isolate.ini

[2010/02/13 18:37:08 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS

[2010/02/13 18:37:08 | 000,007,456 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT

[2010/02/13 18:37:08 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF

[2010/02/13 18:36:47 | 000,482,432 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\cchpx86.sys

[2010/02/13 18:36:47 | 000,310,320 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.sys

[2010/02/13 18:36:47 | 000,308,272 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.sys

[2010/02/13 18:36:47 | 000,259,632 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.sys

[2010/02/13 18:36:47 | 000,217,136 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symtdi.sys

[2010/02/13 18:36:47 | 000,089,904 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symfw.sys

[2010/02/13 18:36:47 | 000,048,688 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symndisv.sys

[2010/02/13 18:36:47 | 000,043,696 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.sys

[2010/02/13 18:36:47 | 000,036,400 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symndis.sys

[2010/02/13 18:36:47 | 000,033,072 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0308000.029\symids.sys

[2010/02/13 18:36:47 | 000,026,600 | R--- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys

[2010/02/13 18:36:47 | 000,025,648 | R--- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SymIMV.sys

[2010/02/13 18:36:43 | 000,107,368 | R--- | M] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll

[2010/02/13 18:36:38 | 000,003,373 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.inf

[2010/02/13 18:36:38 | 000,001,752 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\ccHPx86.inf

[2010/02/13 18:36:38 | 000,001,562 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNetV.inf

[2010/02/13 18:36:38 | 000,001,561 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNet.inf

[2010/02/13 18:36:38 | 000,001,388 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.inf

[2010/02/13 18:36:38 | 000,001,382 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.inf

[2010/02/13 18:36:38 | 000,000,640 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.inf

[2010/02/13 18:36:33 | 000,009,412 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\symnetv.cat

[2010/02/13 18:36:33 | 000,009,402 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNet.cat

[2010/02/13 18:36:33 | 000,007,431 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.cat

[2010/02/13 18:36:33 | 000,007,429 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.cat

[2010/02/13 18:36:33 | 000,007,425 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.cat

[2010/02/13 18:36:33 | 000,007,400 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.CAT

[2010/02/13 18:36:33 | 000,007,383 | ---- | M] () -- C:\Windows\System32\drivers\N360\0308000.029\ccHPx86.cat

[2010/02/13 17:05:00 | 000,010,198 | ---- | M] () -- C:\Users\Gerald\Documents\Dennis SCAIFE.docx

[2010/02/12 08:32:11 | 000,713,888 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010/02/12 08:32:11 | 000,619,206 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010/02/12 08:32:11 | 000,107,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010/02/11 19:11:13 | 000,000,761 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2010/02/10 10:21:45 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2010/02/10 10:19:12 | 000,010,752 | ---- | M] () -- C:\Users\Gerald\Documents\Jayne and Adams Loan.xlr

[2010/02/10 10:19:12 | 000,000,486 | ---- | M] () -- C:\Users\Gerald\AppData\Roaming\wklnhst.dat

[2010/02/02 17:06:10 | 000,010,909 | ---- | M] () -- C:\Users\Gerald\Documents\Citibank Contract Termination.docx

[2010/02/02 11:09:29 | 000,145,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor32.sys

[2010/01/31 17:15:02 | 000,010,000 | ---- | M] () -- C:\Users\Gerald\Documents\1687079961639234601139186.docx

[2010/01/31 16:51:24 | 000,524,288 | -HS- | M] () -- C:\Users\Gerald\ntuser.dat{aaf081db-0e85-11df-9dfe-e291f046747c}.TMContainer00000000000000000002.regtrans-ms

[2010/01/31 16:51:24 | 000,524,288 | -HS- | M] () -- C:\Users\Gerald\ntuser.dat{aaf081db-0e85-11df-9dfe-e291f046747c}.TMContainer00000000000000000001.regtrans-ms

[2010/01/31 16:51:24 | 000,065,536 | -HS- | M] () -- C:\Users\Gerald\ntuser.dat{aaf081db-0e85-11df-9dfe-e291f046747c}.TM.blf

[2010/01/26 16:29:48 | 000,014,769 | ---- | M] () -- C:\Users\Gerald\Documents\morrish letter 1.1.docx

[2010/01/26 15:36:47 | 000,011,053 | ---- | M] () -- C:\Users\Gerald\Documents\morrish letter 1.2.docx

[2010/01/18 23:29:31 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll

[2010/01/18 23:29:31 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll

[2010/01/18 23:29:31 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll

[2010/01/18 23:29:30 | 000,369,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll

[2010/01/18 23:28:33 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe

[2010/01/18 23:28:33 | 000,277,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe

[2010/01/18 23:28:30 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe

[2010/01/18 23:28:30 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe

========== Files Created - No Company Name ==========

[2010/02/13 20:49:40 | 000,940,456 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\Cat.DB

[2010/02/13 20:24:25 | 000,009,412 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\symnetv.cat

[2010/02/13 20:24:25 | 000,009,402 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNet.cat

[2010/02/13 20:24:25 | 000,001,562 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNetV.inf

[2010/02/13 20:24:25 | 000,001,561 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\SymNet.inf

[2010/02/13 20:24:24 | 000,007,431 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.cat

[2010/02/13 20:24:24 | 000,007,429 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.cat

[2010/02/13 20:24:24 | 000,007,425 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.cat

[2010/02/13 20:24:24 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\ccHPx86.cat

[2010/02/13 20:24:24 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\SymEFA.inf

[2010/02/13 20:24:24 | 000,001,752 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\ccHPx86.inf

[2010/02/13 20:24:24 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\srtspx.inf

[2010/02/13 20:24:24 | 000,001,382 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\srtsp.inf

[2010/02/13 20:24:23 | 000,007,400 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.CAT

[2010/02/13 20:24:23 | 000,000,640 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\BHDrvx86.inf

[2010/02/13 20:23:51 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0308000.029\isolate.ini

[2010/02/13 18:37:08 | 000,007,456 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT

[2010/02/13 18:37:08 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF

[2010/02/13 18:37:02 | 000,002,326 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk

[2010/02/13 17:05:00 | 000,010,198 | ---- | C] () -- C:\Users\Gerald\Documents\Dennis SCAIFE.docx

[2010/02/10 10:21:45 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2010/02/10 10:14:09 | 000,010,752 | ---- | C] () -- C:\Users\Gerald\Documents\Jayne and Adams Loan.xlr

[2010/02/02 17:01:52 | 000,010,909 | ---- | C] () -- C:\Users\Gerald\Documents\Citibank Contract Termination.docx

[2010/01/31 17:15:01 | 000,010,000 | ---- | C] () -- C:\Users\Gerald\Documents\1687079961639234601139186.docx

[2010/01/31 16:51:24 | 000,524,288 | -HS- | C] () -- C:\Users\Gerald\ntuser.dat{aaf081db-0e85-11df-9dfe-e291f046747c}.TMContainer00000000000000000002.regtrans-ms

[2010/01/31 16:51:24 | 000,524,288 | -HS- | C] () -- C:\Users\Gerald\ntuser.dat{aaf081db-0e85-11df-9dfe-e291f046747c}.TMContainer00000000000000000001.regtrans-ms

[2010/01/31 16:51:24 | 000,065,536 | -HS- | C] () -- C:\Users\Gerald\ntuser.dat{aaf081db-0e85-11df-9dfe-e291f046747c}.TM.blf

[2010/01/26 15:33:40 | 000,011,053 | ---- | C] () -- C:\Users\Gerald\Documents\morrish letter 1.2.docx

[2010/01/21 13:06:39 | 000,014,769 | ---- | C] () -- C:\Users\Gerald\Documents\morrish letter 1.1.docx

[2009/10/21 17:56:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/07/16 18:21:07 | 000,073,216 | ---- | C] () -- C:\Windows\System32\drivers\SENTINEL.SYS

[2009/07/16 18:21:07 | 000,049,152 | ---- | C] () -- C:\Windows\System32\SNTI386.DLL

[2009/07/13 23:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/07/10 10:07:23 | 000,100,560 | ---- | C] () -- C:\Windows\System32\drivers\VBoxDrv.sys

[2009/05/17 17:16:13 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI

[2009/04/26 15:40:11 | 000,000,000 | ---- | C] () -- C:\Windows\epcmonitor.INI

[2009/04/26 15:39:55 | 000,360,448 | ---- | C] () -- C:\Windows\System32\XNMBA458.DLL

[2009/04/26 15:39:55 | 000,143,360 | ---- | C] () -- C:\Windows\System32\XNMHB425.DLL

[2009/04/26 15:39:55 | 000,092,672 | ---- | C] () -- C:\Windows\System32\XNMHB458.DLL

[2009/04/26 15:39:55 | 000,066,560 | ---- | C] () -- C:\Windows\System32\XNMHN425.DLL

[2009/04/26 15:39:55 | 000,064,512 | ---- | C] () -- C:\Windows\System32\XNMTE458.DLL

[2009/04/26 15:39:55 | 000,056,320 | ---- | C] () -- C:\Windows\System32\XNMTE425.DLL

[2009/04/26 15:39:55 | 000,025,600 | ---- | C] () -- C:\Windows\System32\XNMHN458.DLL

[2009/04/26 15:39:55 | 000,006,848 | ---- | C] () -- C:\Windows\System32\drivers\DS1410D.SYS

[2009/04/26 15:39:54 | 000,303,616 | ---- | C] () -- C:\Windows\System32\XNMBA425.DLL

[2009/04/26 15:39:54 | 000,006,848 | ---- | C] () -- C:\Windows\System32\DS1410D.SYS

[2009/04/26 15:29:50 | 000,000,000 | ---- | C] () -- C:\Windows\frontend.INI

[2009/04/26 15:24:45 | 000,001,052 | ---- | C] () -- C:\Windows\ODBC.INI

[2009/03/12 06:16:30 | 000,000,486 | ---- | C] () -- C:\Users\Gerald\AppData\Roaming\wklnhst.dat

[2008/08/17 08:53:40 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll

[2007/08/14 16:35:24 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll

[2006/10/11 01:17:08 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini

[2006/10/11 01:17:08 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini

[2006/10/11 01:13:24 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll

[2006/10/11 01:13:24 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll

[2001/12/26 23:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll

[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

[2001/09/04 06:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll

[2001/07/30 23:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll

[2001/07/24 05:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2009/03/13 01:55:21 | 000,000,000 | -HSD | M] -- C:\Users\Gerald\AppData\Roaming\.#

[2009/11/27 15:24:38 | 000,000,000 | ---D | M] -- C:\Users\Gerald\AppData\Roaming\Acer GameZone Console

[2009/12/29 10:17:35 | 000,000,000 | ---D | M] -- C:\Users\Gerald\AppData\Roaming\eSobi

[2010/02/01 10:35:55 | 000,000,000 | -HSD | M] -- C:\Users\Gerald\AppData\Roaming\lowsec

[2009/12/28 19:08:53 | 000,000,000 | ---D | M] -- C:\Users\Gerald\AppData\Roaming\NCH Swift Sound

[2009/12/24 13:11:11 | 000,000,000 | ---D | M] -- C:\Users\Gerald\AppData\Roaming\Nokia

[2009/12/24 13:10:03 | 000,000,000 | ---D | M] -- C:\Users\Gerald\AppData\Roaming\Nokia Ovi Suite

[2009/12/24 13:10:16 | 000,000,000 | ---D | M] -- C:\Users\Gerald\AppData\Roaming\PC Suite

[2009/11/27 15:24:48 | 000,000,000 | ---D | M] -- C:\Users\Gerald\AppData\Roaming\Template

[2009/11/27 15:24:48 | 000,000,000 | ---D | M] -- C:\Users\Gerald\AppData\Roaming\TomTom

[2010/02/13 17:06:31 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2009/06/10 21:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009/07/14 01:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr

[2009/11/27 23:05:45 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2009/06/10 21:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys

[2010/02/15 10:36:41 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys

[2009/04/26 15:01:19 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/04/26 15:01:19 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2010/02/15 10:36:45 | 3220,430,848 | -HS- | M] () -- C:\pagefile.sys

[2006/10/11 01:05:46 | 000,000,791 | ---- | M] () -- C:\RHDSetup.log

[2010/01/03 17:33:51 | 000,000,001 | ---- | M] () -- C:\s

< MD5 for: AGP440.SYS >

[2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys

[2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys

[2009/07/14 01:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: AHCIX86S.SYS >

[2007/08/08 04:55:08 | 000,122,880 | ---- | M] (Promise Technology, Inc.) MD5=4283A0F3A9557EB133D2BA8979747A77 -- C:\ACER\Preload\Autorun\DRV\ATI VGA PCI-E\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys

< MD5 for: ATAPI.SYS >

[2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys

[2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys

[2009/07/14 01:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CNGAUDIT.DLL >

[2009/07/14 01:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll

[2009/07/14 01:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: IASTOR.SYS >

[2009/06/05 01:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\drivers\iaStor.sys

[2009/06/05 01:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_4f144d6467fc7c22\iaStor.sys

[2009/06/05 01:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_x86_neutral_10aa509d6843c6fc\iaStor.sys

< MD5 for: IASTORV.SYS >

[2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys

[2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys

[2009/07/14 01:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: NETLOGON.DLL >

[2009/07/14 01:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll

[2009/07/14 01:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRD32.SYS >

[2008/08/18 10:58:42 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=7894FFC354DDD5A0600BC112FFEC2DD0 -- C:\ACER\Preload\Autorun\DRV\nVidia Chipset MCP73PV\IDE\WinVista\sataraid\nvrd32.sys

< MD5 for: NVSTOR.SYS >

[2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys

[2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys

[2009/07/14 01:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: NVSTOR32.SYS >

[2007/12/07 23:28:08 | 000,140,320 | ---- | M] (NVIDIA Corporation) MD5=1A649B87A7B7C1220A2B16B121F2198E -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_6508ffd59b29f382\nvstor32.sys

[2008/08/18 10:58:42 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=2A0CC26D67B38460CC7563BC8313C1D6 -- C:\ACER\Preload\Autorun\DRV\nVidia Chipset MCP73PV\IDE\WinVista\sataraid\nvstor32.sys

[2008/08/18 10:58:16 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=8EE374B6FB3CB2BB8D70395218B464A5 -- C:\$WINDOWS.~Q\DATA\Windows\System32\drivers\nvstor32.sys

[2008/08/18 10:58:16 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=8EE374B6FB3CB2BB8D70395218B464A5 -- C:\ACER\Preload\Autorun\DRV\nVidia Chipset MCP73PV\IDE\WinVista\sata_ide\nvstor32.sys

[2010/02/02 11:09:29 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=8EE374B6FB3CB2BB8D70395218B464A5 -- C:\Windows\System32\drivers\nvstor32.sys

[2008/08/18 10:58:16 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=8EE374B6FB3CB2BB8D70395218B464A5 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_b900095f3aa53048\nvstor32.sys

< MD5 for: SCECLI.DLL >

[2009/07/14 01:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll

[2009/07/14 01:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

[2009/07/14 01:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll

[2009/07/14 01:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

[2009/07/14 01:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\LocationApi.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< End of report >

OTL Extras logfile created on: 15/02/2010 11:30:16 - Run 1

OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\Gerald\Desktop

Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free

6.00 Gb Paging File | 5.00 Gb Available in Paging File | 80.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 139.15 Gb Total Space | 94.99 Gb Free Space | 68.27% Space Free | Partition Type: NTFS

Drive D: | 142.94 Gb Total Space | 130.98 Gb Free Space | 91.63% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: GERALD-PC-HOME

Current User Name: Gerald

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.5400

"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard

"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect

"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management

"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}" = Upgrade Kit

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 17

"{27BF988A-AD38-41F2-8012-B797A2BC7285}" = Sun xVM VirtualBox

"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth

"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD

"{4CE6B3C4-D8E2-4A5D-BEF5-5B69AF843B0C}" = PC Connectivity Solution

"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter

"{564B16F4-6B5B-47B0-9AB6-FF2E943947F7}" = Nokia Ovi Suite Software Updater

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}" = Flip Words 2

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D100E0C-1A5A-43AD-93EF-76F94AE61C30}" = OviMPlatform

"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology

"{900A92BA-19EF-4A34-86CF-7B6C85BDD971}" = VC_MergeModuleToMSI

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{9BFA86B3-D978-423C-981C-C64FF7A022A4}_is1" = yDGpatch 1.2

"{9D29159F-227D-45B9-BD70-94564CE259BD}" = O2InstV2Win7UpdateV1

"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia

"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator

"{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}" = Nokia Ovi Suite

"{BC14F40D-7C13-4F3A-9F4A-3835D7642036}" = PE585QAEncoder-32

"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver

"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1

"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F1C3541D-5B93-4131-B440-692FBA3DD250}" = Ovi Desktop Sync Engine

"{F4A871F6-BFE1-4E05-9370-4F7B1EB5ECD8}" = Hornby Virtual Railway 2

"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician

"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician

"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)

"7-Zip" = 7-Zip 4.65

"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"CCleaner" = CCleaner

"Config" = VADIS Config

"ENTERPRISE" = Microsoft Office Enterprise 2007

"EPC32.EXE" = EPC

"Google Desktop" = Google Desktop

"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5

"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2

"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8

"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter

"JRE 1.3.1" = Java 2 Runtime Environment Standard Edition v1.3.1

"JSDK2.0" = Java Servlet Development Kit 2.0

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"N360" = Norton 360

"Nokia Ovi Suite" = Nokia Ovi Suite

"NVIDIA Drivers" = NVIDIA Drivers

"Rainbow Sentinel Driver" = Sentinel System Driver

"StartVADIS" = StartVADIS

"Switch" = Switch Sound File Converter

"TomTom HOME" = TomTom HOME

"VADIS" = VADIS Application

"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.