Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Solved: Won't restore slow start up and shut down


(!)

APPACHE's Avatar
APPACHE APPACHE is offline
Computer Specs
Member with 71 posts.
THREAD STARTER
 
Join Date: Jul 2010
Experience: Beginner
22-Aug-2010, 07:01 PM #1
Won't restore slow start up and shut down
This is a acer aspire 4520 with vista windows.it takes along time to start and just about as long to shut down,also my system restore is failing I suspect a virus,but maybe not..I'll leave the answers to you and thank you very much..

I am getting ready to do the things required will post back..
APPACHE's Avatar
APPACHE APPACHE is offline
Computer Specs
Member with 71 posts.
THREAD STARTER
 
Join Date: Jul 2010
Experience: Beginner
22-Aug-2010, 07:34 PM #2
HijackThis log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:32:49 PM, on 8/22/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\System32\rundll32.exe
C:\Users\tommy\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/yco...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
--
End of file - 9905 bytes
APPACHE's Avatar
APPACHE APPACHE is offline
Computer Specs
Member with 71 posts.
THREAD STARTER
 
Join Date: Jul 2010
Experience: Beginner
22-Aug-2010, 08:04 PM #3
dds logs


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-03-17.01)
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 7/25/2010 4:29:20 PM
System Uptime: 8/22/2010 7:19:42 PM (0 hours ago)
Motherboard: Acer, Inc. | | Mono
Processor: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-55 | Socket M2/S1G1 | 1800/133mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 51 GiB total, 21.974 GiB free.
D: is FIXED (NTFS) - 51 GiB total, 45.978 GiB free.
E: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================

==== Installed Programs ======================
Acer Arcade Deluxe
Acer Assist
Acer Crystal Eye webcam
Acer eAudio Management
Acer eDataSecurity Management
Acer eLock Management
Acer Empowering Technology
Acer eNet Management
Acer ePower Management
Acer ePresentation Management
Acer eSettings Management
Acer GridVista
Acer Mobility Center Plug-In
Acer Registration
Acer ScreenSaver
Acer Tour
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.0
Adobe Shockwave Player 11.5
Advanced SystemCare 3
Agere Systems HDA Modem
AppCore
AV
Big Kahuna Reef 2
Bricks of Egypt
ccCommon
Dell Driver Download Manager
Dynasty
Galapago
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Jewel Quest Solitaire
Junk Mail filter update
Launch Manager
LightScribe 1.4.142.1
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Luxor 2
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSRedist
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery Case Files - Prime Suspects
Mystery Case Files Ravenhearst
Norton AntiVirus
Norton Confidential Browser Component
Norton Confidential Web Protection Component
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
Norton Security Scan
NTI Backup NOW! 4.7
NTI CD & DVD-Maker
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Orion
PowerProducer 3.72
Realtek High Definition Audio Driver
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
SPBBC 32bit
Symantec Real Time Storage Protection Component
SymNet
Synaptics Pointing Device Driver
Treasures of the Deep
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Winbond CIR Drivers
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Yahoo! Toolbar
Zuma Deluxe
==== End Of File ===========================



DDS (Ver_10-03-17.01) - NTFSx86
Run by tommy at 19:55:33.82 on Sun 08/22/2010
Internet Explorer: 8.0.6001.18943
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.766.143 [GMT -4:00]
AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Users\tommy\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\tommy\Desktop\dds.scr
============== Pseudo HJT Report ===============
uSEARCH PAGE = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://en.us.acer.yahoo.com
mDefault_Page_URL = hxxp://en.us.acer.yahoo.com
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.0\NppBho.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\windows\system32\ActiveToolBand.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: Show Norton Toolbar: {90222687-f593-4738-b738-fbee9c7b26df} - c:\program files\common files\symantec shared\coshared\browser\1.0\UIBHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton internet security\osCheck.exe"
mRun: [PLFSet] rundll32.exe c:\windows\PLFSet.dll,PLFDefSetting
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [Acer Product Registration] "c:\program files\acer registration\ACE1.exe" /startup
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
dRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
============= SERVICES / DRIVERS ===============
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\idsdefs\20100811.001\IDSvix86 .sys [2010-8-18 281648]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\play movie\000.fcl [2010-7-25 13560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-7-25 102448]
R3 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2010-7-25 1251720]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-8-3 38448]
R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\drivers\winbondcir.sys [2007-3-28 43008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-30 135664]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2010-7-27 21504]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-7-28 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v040 0.exe [2010-3-18 753504]
=============== Created Last 30 ================
2010-08-22 23:10:06 0 d-----w- c:\program files\Trend Micro
2010-08-12 04:17:58 2037760 ----a-w- c:\windows\system32\win32k.sys
2010-08-12 04:17:55 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-08-12 04:17:46 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-08-12 04:17:45 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-08-12 04:16:58 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-08-12 04:16:47 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-12 04:16:46 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-12 04:16:36 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-11 12:44:58 0 d-----w- c:\programdata\IObit
2010-08-09 21:46:33 0 d-----w- c:\users\tommy\appdata\roaming\IObit
2010-08-09 21:46:32 0 d-----w- c:\program files\IObit
2010-08-04 19:54:47 0 d-----w- c:\users\tommy\appdata\roaming\Malwarebytes
2010-08-04 19:40:10 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-04 19:40:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-04 19:40:08 0 d-----w- c:\programdata\Malwarebytes
2010-08-04 19:40:08 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-31 20:33:35 0 d-----w- c:\windows\system32\drivers\NSS
2010-07-31 20:33:35 0 d-----w- c:\program files\Norton Security Scan
2010-07-31 20:33:30 0 d-----w- c:\programdata\NortonInstaller
2010-07-31 20:33:29 0 d-----w- c:\program files\NortonInstaller
2010-07-31 17:32:13 0 d-----w- c:\windows\system32\Adobe
2010-07-31 03:22:31 0 d-----w- c:\programdata\McAfee
2010-07-30 23:14:53 0 d-----w- c:\programdata\Citrix
2010-07-30 23:13:32 0 d-----w- c:\program files\Citrix
2010-07-30 18:37:58 0 d-----w- c:\programdata\Google
2010-07-30 15:24:31 0 d-----w- c:\windows\pss
2010-07-29 06:20:17 0 d-----w- c:\program files\Windows Portable Devices
2010-07-29 06:19:56 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-07-29 06:14:33 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-07-29 06:14:32 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-07-29 06:14:32 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-07-29 06:12:37 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-07-29 06:10:04 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-07-29 06:10:03 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-07-29 06:10:02 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-07-29 00:19:15 706 ----a-w- c:\windows\system32\drivers\COH_Mon.inf
2010-07-29 00:19:15 23888 ----a-w- c:\windows\system32\drivers\COH_Mon.sys
2010-07-29 00:19:15 10537 ----a-w- c:\windows\system32\drivers\COH_Mon.cat
2010-07-28 17:20:55 0 d-----w- c:\programdata\Office Genuine Advantage
2010-07-28 16:24:00 0 d-----w- c:\windows\system32\eu-ES
2010-07-28 16:24:00 0 d-----w- c:\windows\system32\ca-ES
2010-07-28 16:23:57 0 d-----w- c:\windows\system32\vi-VN
2010-07-28 16:20:02 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-07-28 14:00:24 0 d-----w- c:\windows\system32\EventProviders
2010-07-28 13:56:44 0 d-----w- c:\users\tommy\Tracing
2010-07-28 13:41:13 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-07-28 13:39:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-07-28 13:38:57 0 d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-07-28 13:37:06 0 d-----w- c:\program files\Microsoft
2010-07-28 13:36:38 0 d-----w- c:\program files\Windows Live SkyDrive
2010-07-28 10:59:56 0 d-----w- c:\program files\common files\Windows Live
2010-07-28 10:59:41 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-07-28 10:59:13 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2010-07-28 10:59:12 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2010-07-28 10:58:57 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2010-07-28 10:58:57 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2010-07-28 10:58:43 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2010-07-28 10:58:30 1480704 ----a-w- c:\windows\system32\mssrch.dll
2010-07-28 10:58:18 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2010-07-28 10:58:14 1576960 ----a-w- c:\windows\system32\tquery.dll
2010-07-28 10:58:05 779136 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2010-07-28 10:58:03 561152 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2010-07-28 10:58:02 928768 ----a-w- c:\windows\system32\scavenge.dll
2010-07-28 10:56:56 324608 ----a-w- c:\windows\system32\sdohlp.dll
2010-07-28 10:55:59 88064 ----a-w- c:\windows\system32\fdBth.dll
2010-07-28 10:54:59 627712 ----a-w- c:\windows\system32\user32.dll
2010-07-28 10:53:58 73216 ----a-w- c:\windows\system32\msiexec.exe
2010-07-28 10:52:59 759296 ----a-w- c:\windows\system32\ipsecsnp.dll
2010-07-28 10:51:59 29696 ----a-w- c:\windows\system32\ifmon.dll
2010-07-28 10:50:53 153 ----a-w- c:\windows\system32\RacUREx.xml
2010-07-28 10:50:23 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2010-07-28 10:50:23 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2010-07-28 10:50:23 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2010-07-28 10:50:22 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2010-07-28 10:50:22 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2010-07-28 10:50:22 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2010-07-28 10:50:22 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
2010-07-28 10:50:19 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-07-28 10:50:16 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-07-28 10:50:16 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-07-28 10:49:50 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-07-28 10:49:21 0 d-----w- c:\programdata\WindowsSearch
2010-07-28 09:56:36 0 d-----w- c:\programdata\NVIDIA
2010-07-28 09:40:13 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-07-28 09:40:09 11967524 ----a-w- c:\windows\system32\korwbrkr.lex
2010-07-28 09:27:45 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-07-28 09:27:45 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-07-28 09:27:45 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-07-28 09:27:45 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-07-28 09:27:44 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-07-28 09:11:11 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-07-28 09:11:01 2048 ----a-w- c:\windows\system32\tzres.dll
2010-07-28 09:10:22 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-07-28 09:10:22 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-07-28 09:10:20 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-07-28 09:10:16 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-07-28 09:10:08 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-07-28 09:09:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-07-28 09:09:51 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-07-28 08:39:37 27839 ----a-w- c:\programdata\nvModes.dat
2010-07-28 06:20:07 0 d-----w- C:\PerfLogs
2010-07-28 03:10:06 705536 ----a-w- c:\windows\system32\imagesp1.dll
2010-07-28 03:10:02 116736 ----a-w- c:\windows\system32\sstpsvc.dll
2010-07-28 03:08:57 169472 ----a-w- c:\windows\system32\mssha.dll
2010-07-28 03:07:59 71680 ----a-w- c:\windows\system32\msacm32.dll
2010-07-28 03:06:59 95744 ----a-w- c:\windows\system32\xwtpw32.dll
2010-07-28 03:05:59 8192 ----a-w- c:\windows\system32\drivers\mskssrv.sys
2010-07-28 03:04:52 102400 ----a-w- c:\windows\system32\wbem\mofinstall.dll
2010-07-28 03:04:51 357888 ----a-w- c:\windows\system32\wbemcomn.dll
2010-07-28 03:04:46 129536 ----a-w- c:\windows\system32\sqmapi.dll
2010-07-28 03:04:45 139264 ----a-w- c:\windows\system32\SmiInstaller.dll
2010-07-28 03:04:21 35328 ----a-w- c:\windows\system32\mspatcha.dll
2010-07-28 03:04:21 305152 ----a-w- c:\windows\system32\msdelta.dll
2010-07-28 03:04:21 258560 ----a-w- c:\windows\system32\dpx.dll
2010-07-28 03:04:12 6656 ----a-w- c:\windows\system32\kbd106.dll
2010-07-28 02:45:41 57667 ----a-w- c:\windows\system32\ieuinit.inf
2010-07-28 02:43:57 385024 ----a-w- c:\windows\system32\html.iec
2010-07-28 02:43:56 45568 ----a-w- c:\windows\system32\mshta.exe
2010-07-28 02:43:56 169472 ----a-w- c:\windows\system32\iexpress.exe
2010-07-28 02:43:55 109568 ----a-w- c:\windows\system32\PDMSetup.exe
2010-07-28 02:43:55 107520 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2010-07-28 02:43:55 107008 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2010-07-28 02:43:55 103936 ----a-w- c:\windows\system32\SetDepNx.exe
2010-07-26 20:49:39 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-07-26 00:13:46 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-07-26 00:13:45 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-07-26 00:13:45 23552 ----a-w- c:\windows\system32\lpk.dll
2010-07-26 00:13:45 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-07-26 00:07:19 61440 ----a-w- c:\windows\system32\winipsec.dll
2010-07-26 00:07:19 272896 ----a-w- c:\windows\system32\polstore.dll
2010-07-26 00:05:22 1820 ----a-w- c:\windows\system32\rasctrnm.h
2010-07-26 00:03:48 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-07-25 23:59:43 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-07-25 23:59:43 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-07-25 23:59:43 17920 ----a-w- c:\windows\system32\netevent.dll
2010-07-25 23:59:43 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-07-25 23:59:43 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-07-25 23:59:42 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-07-25 23:59:42 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-07-25 23:59:42 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-07-25 23:59:42 10240 ----a-w- c:\windows\system32\finger.exe
2010-07-25 23:53:05 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-07-25 23:53:04 2501921 ----a-w- c:\windows\system32\wlan.tmf
2010-07-25 23:53:03 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-07-25 23:53:03 65024 ----a-w- c:\windows\system32\wlanapi.dll
2010-07-25 23:53:03 513536 ----a-w- c:\windows\system32\wlansvc.dll
2010-07-25 23:53:03 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2010-07-25 23:53:02 302592 ----a-w- c:\windows\system32\wlansec.dll
2010-07-25 23:53:00 2334 ----a-w- c:\windows\system32\wbem\L2SecHC.mof
2010-07-25 23:52:59 12880 ----a-w- c:\windows\system32\wbem\wlan.mof
2010-07-25 23:52:58 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2010-07-25 23:50:19 1401856 ----a-w- c:\windows\system32\msxml6.dll
2010-07-25 23:50:16 2048 ----a-w- c:\windows\system32\msxml3r.dll
2010-07-25 23:50:15 2048 ----a-w- c:\windows\system32\msxml6r.dll
2010-07-25 23:47:45 218624 ----a-w- c:\windows\system32\msv1_0.dll
2010-07-25 23:45:34 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-07-25 23:45:34 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-07-25 23:45:34 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-07-25 23:43:08 98816 ----a-w- c:\windows\system32\mfps.dll
2010-07-25 23:43:08 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2010-07-25 23:43:08 2868224 ----a-w- c:\windows\system32\mf.dll
2010-07-25 23:43:08 2048 ----a-w- c:\windows\system32\mferror.dll
2010-07-25 23:43:07 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-07-25 23:35:13 71680 ----a-w- c:\windows\system32\atl.dll
2010-07-25 23:27:07 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-07-25 23:25:40 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-07-25 23:25:40 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-07-25 23:25:39 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-07-25 23:21:20 714240 ----a-w- c:\windows\system32\timedate.cpl
2010-07-25 23:11:29 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2010-07-25 23:01:33 623616 ----a-w- c:\windows\system32\localspl.dll
2010-07-25 22:55:43 8704 ----a-w- c:\windows\system32\hccoin.dll
2010-07-25 22:55:43 15872 ----a-w- c:\windows\system32\hcrstco.dll
2010-07-25 22:53:19 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-07-25 22:51:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-07-25 22:51:52 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-07-25 22:51:51 9728 ----a-w- c:\windows\system32\lsass.exe
2010-07-25 22:51:51 72704 ----a-w- c:\windows\system32\secur32.dll
2010-07-25 22:51:51 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-07-25 22:51:51 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2010-07-25 22:51:48 13780 ----a-w- c:\windows\system32\wbem\lsasrv.mof
2010-07-25 22:46:59 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
2010-07-25 22:40:46 6656 ----a-w- c:\windows\system32\kbd106n.dll
2010-07-25 22:36:21 62464 ----a-w- c:\windows\system32\l3codeca.acm
2010-07-25 22:36:21 220672 ----a-w- c:\windows\system32\l3codecp.acm
2010-07-25 22:33:53 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-07-25 22:33:52 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-07-25 22:33:52 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-07-25 22:33:51 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2010-07-25 22:33:50 814 ----a-w- c:\windows\system32\wbem\WFP.MOF
2010-07-25 22:27:49 98304 ----a-w- c:\windows\system32\cabview.dll
2010-07-25 22:24:14 37888 ----a-w- c:\windows\system32\printcom.dll
2010-07-25 22:21:00 14848 ----a-w- c:\windows\system32\wshrm.dll
2010-07-25 22:19:15 43520 ----a-w- c:\windows\system32\msdxm.tlb
2010-07-25 22:19:15 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2010-07-25 22:19:15 18432 ----a-w- c:\windows\system32\amcompat.tlb
2010-07-25 22:17:15 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-07-25 22:17:15 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-07-25 22:17:15 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-07-25 22:17:14 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-07-25 22:17:14 471552 ----a-w- c:\windows\system32\secproc.dll
2010-07-25 22:17:14 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-07-25 22:17:14 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-07-25 22:17:13 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-07-25 22:17:13 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-07-25 21:38:14 49152 ----a-w- c:\windows\ocsetup_cbs_install_NetFx3.perf
2010-07-25 21:38:14 16384 ----a-w- c:\windows\ocsetup_cbs_install_NetFx3.dpx
2010-07-25 21:38:13 32718848 ----a-w- c:\windows\ocsetup_install_NetFx3.etl
2010-07-25 21:14:33 84480 ----a-w- c:\windows\system32\INETRES.dll
2010-07-25 21:14:12 60928 ----a-w- c:\windows\system32\msasn1.dll
2010-07-25 21:13:28 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-25 21:12:37 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-07-25 21:12:37 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-07-25 21:12:37 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-07-25 21:10:10 243712 ----a-w- c:\windows\system32\rastls.dll
2010-07-25 21:09:47 355328 ----a-w- c:\windows\system32\WSDApi.dll
2010-07-25 21:08:58 0 d-----w- c:\program files\MSXML 4.0
2010-07-25 21:07:26 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-07-25 21:07:26 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-07-25 21:07:26 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-07-25 21:07:26 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-07-25 21:07:26 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-07-25 21:07:25 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-07-25 21:07:25 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-07-25 21:07:24 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-07-25 21:07:24 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-07-25 21:07:24 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-07-25 21:06:24 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-07-25 21:05:43 310784 ----a-w- c:\windows\system32\unregmp2.exe
2010-07-25 21:05:42 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-07-25 21:05:41 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-07-25 21:05:40 4096 ----a-w- c:\windows\system32\msdxm.ocx
2010-07-25 21:05:40 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-07-25 20:48:09 40960 ------w- C:\junction.exe
2010-07-25 20:47:17 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2010-07-25 20:44:38 83 ----a-w- c:\windows\QtZgAcer.UNI
2010-07-25 20:44:35 0 d-----w- c:\program files\Launch Manager
2010-07-25 20:41:39 0 d-sh--w- C:\$RECYCLE.BIN
2010-07-25 20:40:11 45568 ----a-w- c:\windows\system32\drivers\rimmptsk.sys
2010-07-25 20:40:11 43008 ----a-w- c:\windows\system32\drivers\rimsptsk.sys
2010-07-25 20:40:11 38400 ----a-w- c:\windows\system32\drivers\rixdptsk.sys
2010-07-25 20:40:11 172032 ----a-w- c:\windows\system32\rixdicon.dll
2010-07-25 20:39:10 83554304 ----a-w- c:\windows\system32\acer.scr
2010-07-25 20:38:56 40368034 ----a-w- c:\windows\system32\acer.exe
2010-07-25 20:38:51 0 d-----w- c:\program files\Acer Inc
2010-07-25 20:38:47 0 d-----w- c:\windows\ACER
2010-07-25 20:37:44 0 d-----w- c:\program files\Yahoo!
2010-07-25 20:28:59 0 d-----w- C:\Convesoft
2010-07-25 20:28:26 0 d-----w- c:\program files\SUYIN
2010-07-25 20:28:26 0 d-----w- c:\program files\ACER Crystal Eye webcam
2010-07-25 20:27:51 0 d-----w- c:\windows\SUYIN NB Cam
2010-07-25 20:27:50 53248 ----a-w- c:\windows\system32\csnp2uvc.dll
2010-07-25 20:27:50 286720 ----a-w- c:\windows\system32\vsnp2uvc.dll
2010-07-25 20:27:50 172032 ----a-w- c:\windows\system32\rsnp2uvc.dll
2010-07-25 20:27:50 0 d-----w- c:\program files\common files\snp2uvc
2010-07-25 19:10:26 16 ----a-w- c:\windows\system32\coh.cache
2010-07-25 19:03:25 0 ----a-w- c:\windows\WinInit.ini
2010-07-25 18:59:51 0 d-----w- c:\programdata\Norton
2010-07-25 18:36:57 92 ----a-w- c:\windows\GridV.UNI
2010-07-25 18:36:57 0 d-----w- c:\program files\Vic512WA
2010-07-25 18:35:45 0 d-----w- c:\users\tommy\appdata\roaming\Acer
2010-07-25 18:29:31 552 ----a-w- c:\windows\system32\setup.iss
2010-07-25 18:29:31 327680 ----a-w- c:\windows\system32\Remove_eRecovery.exe
2010-07-25 18:29:31 16384 ----a-w- c:\windows\system32\LauncheRyAgentUser.exe
2010-07-25 18:29:31 16384 ----a-w- c:\windows\system32\ClearEvent.exe
2010-07-25 18:29:30 368640 ----a-w- c:\windows\system32\CheckD2DSystem.exe
2010-07-25 18:28:55 0 d-----w- c:\program files\Acer Assist
2010-07-25 18:28:53 0 d-----w- c:\program files\Acer Registration
2010-07-25 18:04:19 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-07-25 18:03:40 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-07-25 18:03:08 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-07-25 18:03:08 171608 ----a-w- c:\windows\system32\wuwebv.dll
==================== Find3M ====================
2010-07-29 06:20:07 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-07-29 06:20:07 51200 ----a-w- c:\windows\inf\infpub.dat
2010-07-29 06:20:07 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-07-29 06:20:07 143360 ----a-w- c:\windows\inf\infstor.dat
2010-07-28 16:01:27 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2010-07-28 06:37:14 174 --sha-w- c:\program files\desktop.ini
2010-07-28 05:17:30 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-07-28 05:17:11 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-07-25 22:46:59 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
2010-07-25 21:04:02 16710176 ----a-w- c:\windows\fonts\meiryo.ttc
2010-07-25 21:03:56 17159388 ----a-w- c:\windows\fonts\meiryob.ttc
2010-07-25 19:01:24 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-07-25 19:01:24 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-07-25 19:01:24 10635 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-06-26 06:05:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:02:15 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 06:02:15 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 04:25:02 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-11 16:16:20 274944 ----a-w- c:\windows\system32\schannel.dll
2010-05-27 20:08:17 81920 ----a-w- c:\windows\system32\iccvid.dll
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
============= FINISH: 19:57:58.14 ===============
APPACHE's Avatar
APPACHE APPACHE is offline
Computer Specs
Member with 71 posts.
THREAD STARTER
 
Join Date: Jul 2010
Experience: Beginner
23-Aug-2010, 12:55 AM #4
Gmer would not respond,I don't no how to turn his norton security off either.I hope this is a good start.
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,306 posts.
 
Join Date: Mar 2001
Location: Bradford, England
23-Aug-2010, 02:43 AM #5
Replying to this, but will look when I get to work (setting off in a min)

APPACHE's Avatar
APPACHE APPACHE is offline
Computer Specs
Member with 71 posts.
THREAD STARTER
 
Join Date: Jul 2010
Experience: Beginner
23-Aug-2010, 11:35 AM #6
thank you Eddie,just to let you no,,I don't no much about vista and how to,so bare with me )
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,306 posts.
 
Join Date: Mar 2001
Location: Bradford, England
24-Aug-2010, 07:59 AM #7
It can be a little harder to check, as some of the common tools won't work on Vista

Now, can't see much jumping out, so lets look deeper

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under File Scans, change File age to 30
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.*
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt (first run only). These are saved in the same location as OTL.
    • Please post the contents of these files in your next reply.

eddie
__________________
Just go with the flow, like a twig on the shoulders of a mighty stream

MVP in Consumer Security
APPACHE's Avatar
APPACHE APPACHE is offline
Computer Specs
Member with 71 posts.
THREAD STARTER
 
Join Date: Jul 2010
Experience: Beginner
25-Aug-2010, 02:48 AM #8
Test
APPACHE's Avatar
APPACHE APPACHE is offline
Computer Specs
Member with 71 posts.
THREAD STARTER
 
Join Date: Jul 2010
Experience: Beginner
25-Aug-2010, 02:55 AM #9
I can not post the logs
503 Server Error
APPACHE's Avatar
APPACHE APPACHE is offline
Computer Specs
Member with 71 posts.
THREAD STARTER
 
Join Date: Jul 2010
Experience: Beginner
25-Aug-2010, 03:04 AM #10
I am trying to zip it now
OTL Extras logfile created on: 8/24/2010 1:47:50 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\tommy\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

766.00 Mb Total Physical Memory | 213.00 Mb Available Physical Memory | 28.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 53.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51.14 Gb Total Space | 19.48 Gb Free Space | 38.08% Space Free | Partition Type: NTFS
Drive D: | 50.89 Gb Total Space | 45.98 Gb Free Space | 90.36% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOMMY-PC
Current User Name: tommy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\FirewallRules]
"{036A3F25-A1DA-4BBD-A117-C1C9E49A5633}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3F989F72-3D2B-4F9B-BA7F-C215AC8E3F63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\FirewallRules]
"{000D03AE-8A59-4ACF-B5A3-6DE8F6DF813C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{04A912FC-B03E-4C92-94C0-70FB8168FFC7}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |
"{0D64D28C-20E1-427A-8A24-07B5321644EA}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{1500FA78-5012-4AA2-8186-3E4E713E2124}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe |
"{1C664631-489C-423D-BE0B-5A7C9C859702}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe |
"{39017BD4-E911-4E78-9D54-0C57D742BF2E}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe |
"{690F9576-D658-4DF0-8EEA-7C13D04A71D0}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe |
"{6E3B8E31-3EB1-42AE-AD73-CB3CEF4D2C89}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{78C29960-87F2-4185-AE03-52C4812DB4F8}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{B924930E-EF04-41B7-82D8-998D82D5FB3E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C0C8F477-2F0F-4A57-95AA-CB8D57CC8297}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{FB498B97-BD1A-4DA6-9653-5499B54E5B02}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047D47E3-7275-4B6E-AE56-63CA6BB2EA6D}" = Winbond CIR Drivers
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{29040E10-A813-476E-A5DD-AD74AA4D1F36}" = SymNet
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111263673}" = Treasures of the Deep
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111271497}" = Mystery Case Files - Prime Suspects
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111310630}" = Big Kahuna Reef 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = Mystery Case Files Ravenhearst
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A3B105C6-17CE-436F-8AE0-A0BF2853C4D0}" = Symantec Real Time Storage Protection Component
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC1ACE88-C471-494E-B5FA-0B7C21F22E4F}" = Orion
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer 3.72
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/16/2010 10:07:12 PM | Computer Name = tommy-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x8007041D

Error - 8/17/2010 3:00:13 PM | Computer Name = tommy-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/20/2010 1:55:36 PM | Computer Name = tommy-PC | Source = System Restore | ID = 8209
Description =

Error - 8/20/2010 2:37:11 PM | Computer Name = tommy-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x8007041D

Error - 8/20/2010 2:38:24 PM | Computer Name = tommy-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 8/20/2010 2:38:35 PM | Computer Name = tommy-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 8/20/2010 2:38:38 PM | Computer Name = tommy-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 8/20/2010 2:53:16 PM | Computer Name = tommy-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x8007041D

Error - 8/22/2010 8:13:27 PM | Computer Name = tommy-PC | Source = Perflib | ID = 1010
Description =

Error - 8/22/2010 8:20:39 PM | Computer Name = tommy-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x8007041D

[ System Events ]
Error - 7/27/2010 11:44:26 PM | Computer Name = tommy-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
14, function 0. Please contact your system vendor for technical assistance.

Error - 7/27/2010 11:44:26 PM | Computer Name = tommy-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
12, function 0. Please contact your system vendor for technical assistance.

Error - 7/27/2010 11:44:46 PM | Computer Name = tommy-PC | Source = Microsoft-Windows-Kernel-WHEA | ID = 6
Description =

Error - 7/28/2010 12:58:25 AM | Computer Name = tommy-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:56:02 AM on 7/28/2010 was unexpected.

Error - 7/28/2010 12:59:15 AM | Computer Name = tommy-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
APPACHE's Avatar
APPACHE APPACHE is offline
Computer Specs
Member with 71 posts.
THREAD STARTER
 
Join Date: Jul 2010
Experience: Beginner
25-Aug-2010, 03:09 AM #11
i got one posted the other one must be to big so i zipped it thank you
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,306 posts.
 
Join Date: Mar 2001
Location: Bradford, England
26-Aug-2010, 01:00 PM #12
Thanks, will look at them now
eddie5659's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 28,306 posts.
 
Join Date: Mar 2001
Location: Bradford, England
26-Aug-2010, 01:28 PM #13
Please run OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    [2010/08/11 08:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
    [2010/08/09 17:46:33 | 000,000,000 | ---D | C] -- C:\Users\tommy\AppData\Roaming\IObit
    [2010/08/09 17:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
    :Commands
    [purity]
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.

eddie
APPACHE's Avatar
APPACHE APPACHE is offline
Computer Specs
Member with 71 posts.
THREAD STARTER
 
Join Date: Jul 2010
Experience: Beginner
30-Aug-2010, 11:56 AM #14
will do,sorry I didn't get a e-mail that you responded to the thread..will do at lunch ty
APPACHE's Avatar
APPACHE APPACHE is offline
Computer Specs
Member with 71 posts.
THREAD STARTER
 
Join Date: Jul 2010
Experience: Beginner
30-Aug-2010, 12:55 PM #15
All processes killed
========== OTL ==========
C:\ProgramData\IObit\Advanced SystemCare folder moved successfully.
C:\ProgramData\IObit folder moved successfully.
C:\Users\tommy\AppData\Roaming\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
C:\Users\tommy\AppData\Roaming\IObit\Advanced SystemCare\Backup folder moved successfully.
C:\Users\tommy\AppData\Roaming\IObit\Advanced SystemCare folder moved successfully.
C:\Users\tommy\AppData\Roaming\IObit folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Update folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Skin\White folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Skin\Black folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Skin folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\News\Css folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\News folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Language folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Images folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3\Backup folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 3 folder moved successfully.
C:\Program Files\IObit folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: tommy
->Temp folder emptied: 39178181 bytes
->Temporary Internet Files folder emptied: 12038697 bytes
->Flash cache emptied: 1416 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65025 bytes
RecycleBin emptied: 3346624 bytes

Total Files Cleaned = 52.00 mb


OTL by OldTimer - Version 3.2.11.0 log created on 08302010_124213
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


Similar Threads
Title Thread Starter Forum Replies Last Post
Very slow start up and shut down zoecat601 Virus & Other Malware Removal 55 15-Aug-2009 03:00 PM
Computer Really slow starting up and shutting down.... lost in NB Hardware 6 17-May-2007 01:28 PM
really slow start up and shut down gopherfan Virus & Other Malware Removal 17 07-Mar-2006 12:11 PM
Slow start up and shut down dago52 Windows XP 27 26-Jan-2005 08:16 PM
slow start up and shut down wdisneymom Windows XP 2 15-Aug-2004 05:30 PM

WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑