How to remove Adware Generic5.CDUL from Laptop

[joeponcho]

Hello, I have an Acer Aspire 5536 Laptop with an AMD Athlon Processor QL-64 2.1 GHz. It has 3.00 GB of RAM, it’s a 32 bit system and it’s running Vista Home Premium w/ Service Pack 2. The antivirus is AVG Free and it’s detecting a virus called “Adware Generic5.CDUL” and the result shows this: “Forced Removal can cause system unstability or even crash” when I try to use System Restore, the most recent option for a restore point is Oct 2014. I’ve tried numerous restore points and none have removed the virus. How can I remove it without downloading a “Cleaner” and risking another virus?
Thanks for any info…

 

[askey127]

Hi joeponcho,
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL

• Right click the OTL icon and choose "Run as administrator".
• Check the boxes labeled :
  • Scan All Users
  • LOP check
  • Purity check
  • Extra Registry > Use SafeList
• Make sure all other windows are closed to let it run uninterrupted.
• Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so.
  When the scan starts, OTL may appear to be frozen while it runs. Please be patient.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
The Extras.txt file will only appear as a running Notepad document the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

-------------------------------------------------------------
AdwCleaner Download and Run

Download AdwCleaner and save it to your desktop or somewhere you can find it.
Take care NOT to click on any ad, like from PC Optimizer Pro. The correct link is the button labeled "Download from Bleeping Computer".
NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below. Click on the Scan button (as indicated), accept any prompts that appear and allow it to run.
It may take several minutes to complete.
When it is done, click on the Clean button, accept any prompts that appear and allow the system to Reboot.
You will then be presented with the report. Copy & Paste it into a reply here.


If you lose track of the log, it is saved in this folder C:\AdwCleaner\
The filename will be adwcleaner[xx].txt where [xx] will be S1, or S2, etc. whichever filename is newest.

so we will be looking for the two logs from OTL, and the results log from AdwCleaner.

When you post the logs, make sure the Notepad's Format > wordwrap is turned OFF (shows unchecked).
askey127

 

[joeponcho]

Is this a SAFE download? I am always leary of downloading some unknown "Cleaner" to remove something else and risking another virus...

 

[joeponcho]

...Also, would it be smarter for me to just upgrade it to Windows 7? I have the Upgrade disc. Or would I still need to remove the virus prior to upgrading to Windows 7?


Thanks...

 

[askey127]

joeponcho,
First of all, this is NOT a virus. It is adware.
It is a nuisance, especially if AVG keeps bugging you about it.
I will never ask you to do anything dangerous.

I really do know what I am doing. I am a retired Electronics engineer.
I have specialized in this kind of work for ten years
As soon as I figure out your capability, and convince you to do exactly as I say, I will provide lots more information, and clean out anything else undesirable that may be on your machine.
I will also give you the Safe tools you need to keep your machine running.

You can upgrade to Windows 7 anytime you want. You do have more time before you need to decide.

askey127

 

[joeponcho]

Thanks Askey127, so I'm going to try this instead of loading Windows 7. I'll post my results when I'm done...

 

[joeponcho]

OTL Extras logfile created on: 2/27/2015 8:50:31 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 51.88% Memory free
5.72 Gb Paging File | 4.56 Gb Available in Paging File | 79.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.32 Gb Total Space | 145.57 Gb Free Space | 50.49% Space Free | Partition Type: NTFS
Drive E: | 149.01 Gb Total Space | 122.13 Gb Free Space | 81.96% Space Free | Partition Type: FAT32

Computer Name: JACKIE-PC | User Name: Jackie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-3660296209-2728650480-3079945215-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{29E348E6-987B-4174-9087-9C70EE52F196}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{E1CC233F-80E1-4E1D-BCB6-3F7C838F0AB3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F62C67E0-18D8-449A-9C4F-00C6E38DDEAE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0308FB51-0D4B-460A-8FA4-05527E5F5EC4}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{112B259C-9434-45C7-9831-2EE92076B998}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{1475D31B-AD99-457C-AA97-B6E6B878721E}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{15F88A1E-B5DC-43C5-AFDB-83D7F71A1DEE}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{3C7C5271-3726-4D28-87CE-152E99014617}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{4F5D95F4-2F1D-4647-8830-1B823F9B6B59}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{6147FCD7-F165-4967-956E-3B38A2762818}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6742DEC5-C672-4BDF-AD34-E55572994153}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{689B8F85-04FF-46A6-9E46-E3586AADDC38}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{6FBB9ED3-6CB6-47B3-BAAD-D9FC4F84AF14}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8529785E-93E9-420A-BBA7-7B6D22603404}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{A56EAECD-499F-42D0-A451-6600D25F2460}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{BE764536-9AB6-47D4-B5FD-5860ABEDAC65}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C01A15CC-A4D2-4BD3-92B9-3A907BACE569}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{C986C4D5-0C46-45E1-8ECC-E665008B0E04}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{CC1DB1C1-4895-4102-9735-7A63DA7FD3FA}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{D427431C-2A40-4DD7-A982-5886AAE74F37}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe |
"{D9625055-87EE-4C09-9690-461BF1B4D7B5}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{DDEE89B3-E61D-4B2B-A933-8C556112CD4C}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{E9BB18D9-9C9D-45DB-859C-D461C4342C2C}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{EA386C7F-3616-412E-8EC6-95581847C0C5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F0E2E7D4-5EC7-49D3-A633-A2E163AA1B4F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F59F9F8F-8161-4E49-BC17-95902359CDA3}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{00ADB33F-DE41-4955-88CC-9BE46DF05540}" = Woodville
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{05B50E2F-B8F9-4624-993D-03FBE7824031}" = Mysteryville 2
"{082A23EF-AE72-4182-B1B4-4D04B2B5B3B4}" = Green Moon
"{082EF4D3-37D3-2ABE-8108-95B605157DBC}" = Catalyst Control Center Localization All
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0BE0D608-87C7-46A8-90A8-CD4C7D9959C3}" = The Magicians Handbook Cursed Valley
"{0CC04407-93DB-438C-B99F-FA1BF2D50472}" = Ancient Mysteries
"{10967295-9086-49AA-BEEB-3B25DA63B82D}_is1" = Animal Agents
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1F727AEE-3992-AAD9-E8A7-560BF4F92999}" = CCC Help Chinese Standard
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{2699A10A-73DC-467C-BDC7-3E388D64D194}" = SCREENSEVEN GAME CENTER
"{27FEB834-4E59-42AC-BBE9-69B875E78A96}" = Elizabeth Find M.D.
"{29E35F4E-2D81-499A-AB12-8AE4260FD6CD}_is1" = Mystery Stories - Island of Hope
"{2B5E94C5-C238-4C33-B6FB-6F86A8103120}" = Lost in Reefs
"{312101DF-074B-4EE2-B019-1F98C16F30B7}" = Mystery 5 in 1 Collection
"{31AC282F-3EF7-B239-9BBA-DB606B248F2A}" = CCC Help Spanish
"{33FA7D12-4740-D665-D17C-F5F25EA6EEA6}" = CCC Help Portuguese
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E05F9AE-738E-4C9F-A191-11E6B78A0E72}" = Mahjongg Investigations
"{3F5677C0-9871-0BEF-12DD-9E157C1ABA2E}" = CCC Help Dutch
"{42E711AD-C2DE-44AF-92CB-44AA0B140154}" = Cradle of Egypt
"{45EC6569-4EDA-4FEB-8C70-6359D600ABFA}_is1" = Voodoo chronicles - First sign version 1.0
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4AEAC717-86F8-DE21-3933-8E4377797AEF}" = CCC Help Japanese
"{4D258120-7C75-47C1-BACF-CE0780030994}" = JeweliX
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{52BF91FE-7B2F-E26C-7A78-42C056B4461C}" = ccc-utility
"{55CBE273-CFF8-4779-83B5-6545E2CC728B}" = Wizard Land
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5BF3F950-BDAF-C801-0BE4-6319CB412F9D}" = Catalyst Control Center InstallProxy
"{5FC61CFC-1CAA-7650-2755-721FFD78F8D4}" = CCC Help Swedish
"{61C770D4-6F09-52EA-5C84-FF58F324B62B}" = CCC Help Czech
"{63617A9B-A0EE-319B-2478-16CCDA8C945C}" = Catalyst Control Center Graphics Light
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{65EBA8F2-A7A0-E1A8-0986-BADCE1694362}" = Catalyst Control Center Core Implementation
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69567CE7-08A6-F984-3BA1-9AE068EC7AAF}" = ATI Catalyst Install Manager
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6D9D1582-2E8C-491B-C337-63B6810A4426}" = CCC Help Finnish
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{77411C79-3B2E-342F-D803-AB964746CE1D}" = CCC Help Italian
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7A745642-3020-E403-B67A-C19BF008687A}" = CCC Help Turkish
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{877D85BD-71AA-4BC0-5314-03B8D15F95A9}" = Catalyst Control Center Graphics Full Existing
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90EC11E4-854E-4C0F-9B4C-76D6C7CF7C68}" = Linksys WUSB600N Dual-Band Wireless-N USB Network Adapter
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92ABBA93-EE00-41C7-8D44-67D0C9DEF51E}" = Catalyst Control Center - Branding
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1764486-0A89-4E84-98B7-79166AD1C558}" = Deadtime Stories
"{A2500B66-24D0-47AC-B98F-5C1DF9131433}" = Cradle Of Rome 2
"{A301896D-9F55-4492-B518-30EAC4C723E1}" = Super Collapse!
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A5AC5F3C-9C4B-136A-5A21-5ADFF12B9657}" = ccc-core-static
"{A6F8719C-479C-4656-BFF7-393584B2034A}" = CCC Help German
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.12)
"{B197EDA3-A786-4C94-A62F-BC2F3F792EFC}" = My Kindom for the Princess III
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B6D73C82-714E-1E99-2A85-43E649F51F18}" = Catalyst Control Center Graphics Full New
"{B7AEB2FB-B192-4499-A417-6046E302B8D5}" = Dream Chronicles Bundle
"{B7C690A8-80D8-D09B-B35F-1201AA6B6FDE}" = CCC Help French
"{B8BE463A-E21C-8E7E-399D-CC9724283682}" = CCC Help Polish
"{B9587DFD-225C-1B2B-4FA1-E27768140EFC}" = CCC Help Russian
"{BB50C649-9BB5-BF21-E8C1-0CFFE263C866}" = CCC Help Chinese Traditional
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C897FCB3-2F8B-4185-8035-79E2AF3A92A4}" = iTunes
"{CBD9E015-4A3C-A3DF-6FCF-C636251DF0C8}" = CCC Help Greek
"{CDCE9215-CFB4-45A2-B4E1-7B95F87B0416}" = Age of Enigma
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.74.216
"{D0F0DEFD-538E-8B1C-A2B7-12FB5135BA21}" = CCC Help Danish
"{D6E5E642-5975-C402-5EDC-181E0AAD10ED}" = CCC Help Korean
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E12E7096-E796-BB35-02BD-C7720978E481}" = CCC Help English
"{E48A7361-D746-8706-5221-F49A207A6DD8}" = CCC Help Thai
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{ECF195B6-D7F0-B206-7A04-9F83284E9412}" = CCC Help Hungarian
"{EE0A7F6F-A78F-4699-BD98-F744153DBF8C}" = Film Fatale: Lights, Camera, Madness
"{F05F99D8-BFEB-448C-B9B6-5842BE15B047}_is1" = Mystery Stories - Berlin Nights
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F571D38D-7B48-4172-85B3-41540FB5492E}" = Cradle Of Rome
"{F640BDC5-EB81-43D7-9816-BBA5F0C6919B}" = Greeting Card Factory Silver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{F7B51165-2226-45D0-8FDF-8DDBD2D8FE11}" = Age of Emerald
"{FCE5B0A4-294E-4653-BB5D-C749F1D1B117}" = World Mosaics 5
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"{FE3455C6-26CE-71F7-FC1B-7405C83451B7}" = CCC Help Norwegian
"20000 Leagues Under the Sea Extended Editionv1.0" = 20000 Leagues Under the Sea Extended Edition
"4 Great Games GOLD1.0" = 4 Great Games GOLD
"9 - The Dark Side Of Notre Dame1.0" = 9 - The Dark Side Of Notre Dame
"9 Clues - The Secret Of Serpent Creek_EN_is1" = 9 Clues - The Secret Of Serpent Creek
"A Wizards Curse1.0" = A Wizards Curse
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Alabama Smith in Escape from Pompeii" = Alabama Smith in Escape from Pompeii
"Alabama Smith in the Quest of Fate" = Alabama Smith in the Quest of Fate
"Aladin and the Enchanted Lamp Extended Editionv1.0" = Aladin and the Enchanted Lamp Extended Edition
"Amanda Rose: The Game of Time" = Amanda Rose: The Game of Time
"Amazing Adventures Around the World" = Amazing Adventures Around the World
"Amazing Adventures The Caribbean Secret" = Amazing Adventures The Caribbean Secret
"Amazing Adventures The Forgotten Dynasty" = Amazing Adventures The Forgotten Dynasty
"Amazing Adventures The Lost Tomb 1.0.0.5" = Amazing Adventures The Lost Tomb 1.0.0.5
"Ancient_0" = Ancient Secrets
"Antique Road Trip 2 - Homecoming" = Antique Road Trip 2 - Homecoming
"Antique Road Trip USA" = Antique Road Trip USA
"Around the World in 80 Days Extended Editionv1.0" = Around the World in 80 Days Extended Edition
"Ashley Clark. Secret of the Ruby 1.0" = Ashley Clark. Secret of the Ruby 1.0
"AVG9Uninstall" = AVG Free 9.0
"Azada 4 - Elementa CE1.0" = Azada 4 - Elementa CE
"BD304A0E-8388-0D1D-1B74-E71DCB5B922E" = TheBestDeals
"Bejeweled 31.0" = Bejeweled 3
"BeTrapped!" = BeTrapped!
"BFGC" = Big Fish Games: Game Manager
"BFG-Death at Fairing Point - A Dana Knightstone Novel" = Death at Fairing Point: A Dana Knightstone Novel
"BFG-Death Under Tuscan Skies - A Dana Knightstone Novel Collectors Edition" = Death Under Tuscan Skies: A Dana Knightstone Novel Collectors Edition
"BFG-Haunted Hotel" = Haunted Hotel
"BFG-Haunted Hotel II - Believe the Lies" = Haunted Hotel II: Believe the Lies
"BFG-Mystery Case Files - Shadow Lake Collectors Edition" = Mystery Case Files: Shadow Lake Collectors Edition
"BFG-Mystery Chronicles - Murder Among Friends" = Mystery Chronicles: Murder Among Friends
"BFG-Mystery in London" = Mystery in London
"BFG-Strange Cases - The Tarot Card Mystery" = Strange Cases: The Tarot Card Mystery
"BigFish games Interpol 2 Most Wanted 1.00" = BigFish games Interpol 2 Most Wanted 1.00
"Book Of Legends1.0" = Book Of Legends
"Broken Hearts Bonus Pack1.00" = Broken Hearts Bonus Pack
"Carbonite Setup Lite" = Carbonite Online Backup Setup
"Casebook Episode 0" = Casebook Episode 0
"Casebook Episode I" = Casebook Episode I
"Castle Never Judge a Book by Its Cover 1.00" = Castle Never Judge a Book by Its Cover 1.00
"Cate West - The Vanishing Files" = Cate West - The Vanishing Files
"Cate West - The Velvet Keys" = Cate West - The Velvet Keys
"Cateia_Roses" = Hotel
"Christmas Tales Fellinas Journey 1.00" = Christmas Tales Fellinas Journey 1.00
"Christmas Wonderland 31.0" = Christmas Wonderland 3
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Crime Stories_is1" = Crime Stories
"Destination Treasure Island" = Destination Treasure Island
"Dream Builder - Amusement Park [Updated]1.0" = Dream Builder - Amusement Park [Updated]
"Echoes of Sorrow" = Echoes of Sorrow
"egamestoolbar" = eGames Toolbar
"Elementals - The Magic Key_is1" = Elementals - The Magic Key
"Enchanted Cavern 21.0" = Enchanted Cavern 2
"Escape Whisper Valley" = Escape Whisper Valley
"ffdshow_is1" = ffdshow [rev 2936] [2009-05-03]
"GamesBar" = GamesBar 2.0.1.55
"Ghost Whisperer" = Ghost Whisperer
"Go Go Gourmet Chef of the Year_is1" = Go Go Gourmet Chef of the Year
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Gourmania" = Gourmania
"Grace's Quest: To Catch An Art Thief" = Grace's Quest: To Catch An Art Thief
"Green Ranch1.1" = Green Ranch
"GridVista" = Acer GridVista
"Haunted Halls 4 Nightmare Dwellers1.1" = Haunted Halls 4 Nightmare Dwellers
"Haunted Halls Green Hills Sanitarium Collectors Edition 1.00" = Haunted Halls Green Hills Sanitarium Collectors Edition 1.00
"Haunted Legends 3 - The Undertaker CE1.0" = Haunted Legends 3 - The Undertaker CE
"Haunted Legends The Bronze Horseman Collectors Edition 1.00" = Haunted Legends The Bronze Horseman Collectors Edition 1.00
"Hidden Mysteries - November 1963" = Hidden Mysteries - November 1963
"Hidden Objects Collection" = Hidden Objects Collection
"Hidden Secrets - The Nightmare1.1" = Hidden Secrets - The Nightmare
"Hide and Secret 1" = Hide and Secret 1
"Hide and Secret 2" = Hide and Secret 2
"Hide and Secret 3" = Hide and Secret 3
"Hide and Secret 4" = Hide and Secret 4
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Insider Tales – The stolen Venus" = Insider Tales – The stolen Venus
"Insider Tales: The Secret of Casanova" = Insider Tales: The Secret of Casanova
"Inspector Parker" = Inspector Parker
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{90EC11E4-854E-4C0F-9B4C-76D6C7CF7C68}" = Linksys Dual-Band Wireless-N USB Network Adapter
"Into the Haze" = Into the Haze
"iWinArcade" = iWin Games (remove only)
"Jetsetter 1.00" = Jetsetter 1.00
"Jewel Quest Mysteries: Curse of the Emerald Tear" = Jewel Quest Mysteries: Curse of the Emerald Tear (remove only)
"Jewel Quest Mysteries: Trail of the Midnight Heart" = Jewel Quest Mysteries: Trail of the Midnight Heart (remove only)
"Legends_0" = Legends In Time
"Legends_1" = Legends of the Shadows
"Legends_2" = Legends In Time
"Legends_3" = Legends of Discovery
"LManager" = Launch Manager
"Lost Inca Prophecy 2 - The Hollow Island1.0" = Lost Inca Prophecy 2 - The Hollow Island
"Luxor" = Luxor (remove only)
"Match Quest" = Match Quest 1.0.0.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mind's Eye: Secrets Of The Forgotten" = Mind's Eye: Secrets Of The Forgotten
"Monster Quest" = Monster Quest
"Murder, She Wrote" = Murder, She Wrote
"Mysteries of Horus" = Mysteries of Horus
"Mysterious City Cairo" = Mysterious City Cairo (remove only)
"Mystery Cookbook" = Mystery Cookbook
"Mystery Cruise" = Mystery Cruise
"Mystery of Mortlake Mansion_is1" = Mystery of Mortlake Mansion
"Mystery P.I. - Stolen in San Francisco" = Mystery P.I. - Stolen in San Francisco
"Mystery P.I. - The Curious Case of Counterfeit Cove" = Mystery P.I. - The Curious Case of Counterfeit Cove
"Natalie Brooks - Mystery at Hillcrest High" = Natalie Brooks - Mystery at Hillcrest High
"Natalie Brooks - Secrets of Treasure House" = Natalie Brooks - Secrets of Treasure House
"Natalie Brooks - The Treasures of the Lost Kingdom" = Natalie Brooks - The Treasures of the Lost Kingdom
"Neptune's Secret1.0" = Neptune's Secret
"OpenAL" = OpenAL
"Real Crimes - Jack the Ripper_is1" = Real Crimes - Jack the Ripper
"Real Crimes - The Unicorn Killer_is1" = Real Crimes - The Unicorn Killer
"Rhianna Ford and the Da Vinci Letter" = Rhianna Ford and the Da Vinci Letter
"Ricochet Infinity_is1" = Ricochet Infinity
"Ricochet Lost Worlds_is1" = Ricochet Lost Worlds
"Robin Hood" = Robin Hood
"Samantha Swift and the Golden Touch" = Samantha Swift and the Golden Touch
"Samantha Swift and the Hidden Roses of Athena" = Samantha Swift and the Hidden Roses of Athena
"Shutter Island 1.0.0" = Shutter Island
"Slingo Mystery 2" = Slingo Mystery 2 (remove only)
"Slingo Quest Amazon" = Slingo Quest Amazon (remove only)
"Slingo Quest Egypt" = Slingo Quest Egypt (remove only)
"Slingo Supreme" = Slingo Supreme (remove only)
"Special Enquiry Detail" = Special Enquiry Detail
"Surround MP4 Tool" = Surround MP4 Tool 3.4.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TCoS - Romeo and Juliet" = The Chronicles of Shakespeare - Romeo and Juliet
"The Lost Cases of 221B Baker St" = The Lost Cases of 221B Baker St
"The Mysterious City Golden Prague" = The Mysterious City Golden Prague (remove only)
"The Three Musketeers Extended Editionv1.0" = The Three Musketeers Extended Edition
"The Treasures of Mystery Island: The Gates of Fate" = The Treasures of Mystery Island: The Gates of Fate
"Treasure Island Extended Editionv1.0" = Treasure Island Extended Edition
"Treasure Masters, Inc." = Treasure Masters, Inc.
"Twisted - A Haunted Carol1.0" = Twisted - A Haunted Carol
"Undercover PI" = Undercover PI
"Untold Secrets" = Untold Secrets 1.0.0.1
"Viking Saga1.0" = Viking Saga
"VIVAGplayer" = VIVA MEDIA GAME CENTER
"vue MP4 PLAYER_is1" = Uninstall vue MP4 PLAYER
"WinLiveSuite_Wave3" = Windows Live Essentials
"Womens Murder Club - Death in Scarlet_is1" = Womens Murder Club - Death in Scarlet
"Women's Murder Club A Darker Shade of Grey_is1" = Women's Murder Club A Darker Shade of Grey
"wp-adinject-adk" = Web Protect for Windows

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3660296209-2728650480-3079945215-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dr. Jekyll & Mr. Hyde - The Strange Case" = Dr. Jekyll & Mr. Hyde - The Strange Case
"Enlightenus - The Dark Side" = Enlightenus - The Dark Side
"Forgotten Riddles - The Mayan Princess" = Forgotten Riddles - The Mayan Princess (remove only)
"Frankenstein - The Dismembered Bride" = Frankenstein - The Dismembered Bride
"Jack the Ripper - Letters from Hell" = Jack the Ripper - Letters from Hell
"Mystery Masterpiece - The Moonstone" = Mystery Masterpiece - The Moonstone
"Nightfall Mysteries - Asylum Conspiracy" = Nightfall Mysteries - Asylum Conspiracy
"Nightfall Mysteries - The Curse of the Opera" = Nightfall Mysteries - The Curse of the Opera
"Public Enemies - Bonnie and Clyde" = Public Enemies - Bonnie and Clyde
"The Lost Inca Prophecy" = The Lost Inca Prophecy
"The Mystery of the Crystal Portal 2" = The Mystery of the Crystal Portal 2
"Time Machine - Trapped in Time" = Time Machine - Trapped in Time
"Travelogue 360 - Paris" = Travelogue 360 - Paris (remove only)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/20/2013 4:58:16 PM | Computer Name = Jackie-PC | Source = EventSystem | ID = 4621
Description =

Error - 1/20/2013 8:01:31 PM | Computer Name = Jackie-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/20/2013 9:27:02 PM | Computer Name = Jackie-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/21/2013 2:38:43 PM | Computer Name = Jackie-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/21/2013 11:06:08 PM | Computer Name = Jackie-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/22/2013 11:28:15 PM | Computer Name = Jackie-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/23/2013 10:31:50 PM | Computer Name = Jackie-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/24/2013 10:26:46 PM | Computer Name = Jackie-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/26/2013 9:48:36 PM | Computer Name = Jackie-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/26/2013 9:51:08 PM | Computer Name = Jackie-PC | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 2/26/2015 10:10:44 PM | Computer Name = Jackie-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2/26/2015 10:13:14 PM | Computer Name = Jackie-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2/26/2015 10:14:58 PM | Computer Name = Jackie-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 2/27/2015 8:58:45 AM | Computer Name = Jackie-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:29:07 PM on 2/26/2015 was unexpected.

Error - 2/27/2015 9:00:12 AM | Computer Name = Jackie-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/27/2015 9:00:12 AM | Computer Name = Jackie-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 2/27/2015 9:00:12 AM | Computer Name = Jackie-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/27/2015 9:00:12 AM | Computer Name = Jackie-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2/27/2015 9:02:29 AM | Computer Name = Jackie-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2/27/2015 9:05:37 AM | Computer Name = Jackie-PC | Source = Service Control Manager | ID = 7034
Description =


< End of report >

 

[joeponcho]

OTL logfile created on: 2/27/2015 8:50:31 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 51.88% Memory free
5.72 Gb Paging File | 4.56 Gb Available in Paging File | 79.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.32 Gb Total Space | 145.57 Gb Free Space | 50.49% Space Free | Partition Type: NTFS
Drive E: | 149.01 Gb Total Space | 122.13 Gb Free Space | 81.96% Space Free | Partition Type: FAT32

Computer Name: JACKIE-PC | User Name: Jackie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015/02/27 08:28:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2014/09/04 07:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/09/02 14:55:28 | 000,487,483 | ---- | M] () -- C:\monitor.exe
PRC - [2014/03/22 17:58:32 | 002,077,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2012/02/28 16:39:02 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2012/02/28 16:39:02 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2012/02/28 16:38:59 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2012/02/28 16:38:56 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2012/02/28 16:38:55 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2012/02/28 16:38:55 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/05/31 08:22:36 | 000,568,312 | ---- | M] (Oberon Media ) -- C:\Program Files\GamesBar\SearchEngineProtection.exe
PRC - [2009/12/08 18:37:24 | 000,003,072 | ---- | M] () -- C:\Program Files\MT288B\chk_mt288b.exe
PRC - [2009/09/13 00:11:46 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Jackie\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009/07/09 15:21:14 | 000,078,104 | ---- | M] (iWin Inc.) -- C:\Program Files\iWin Games\iWinTrusted.exe
PRC - [2009/06/07 20:02:02 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009/04/10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/01 23:06:08 | 000,249,600 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/04/01 23:06:02 | 000,054,528 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/02/18 22:42:50 | 000,866,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2009/02/06 14:07:08 | 000,686,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009/02/06 14:07:06 | 000,653,856 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009/01/21 02:41:24 | 000,202,024 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2009/01/21 02:41:18 | 000,156,968 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008/12/26 19:30:58 | 000,173,288 | ---- | M] (Acer Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2008/12/18 15:51:34 | 000,075,048 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008/10/27 17:09:16 | 000,199,464 | ---- | M] (EgisTec Inc.) -- C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2008/10/27 14:05:28 | 000,306,736 | ---- | M] (EgisTec Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2008/10/27 14:05:24 | 000,346,672 | ---- | M] (EgisTec Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe


========== Modules (No Company Name) ==========

MOD - [2014/03/22 20:56:03 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5b0159d1e1269d2da867b576bd6359d5\Accessibility.ni.dll
MOD - [2014/03/22 20:56:01 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b0be4ac8da47fbf783dabd1505e6c55e\System.Windows.Forms.ni.dll
MOD - [2014/03/22 20:55:28 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\07e39e61fd6133a92333a2c98f2ffeb7\System.Drawing.ni.dll
MOD - [2014/03/22 20:55:09 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49431ce6d568de0bafdb1b25d3942723\System.Xml.ni.dll
MOD - [2014/03/22 20:55:00 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\207b1e1e2254c7a308efe4f903e52ce2\System.Configuration.ni.dll
MOD - [2014/03/22 20:54:11 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\34942db56010e4225825bfae8a27559f\System.ni.dll
MOD - [2014/03/22 20:51:47 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3aac7b97549d4ccf0c7dca3d1777f9b4\mscorlib.ni.dll
MOD - [2009/12/08 18:37:24 | 000,003,072 | ---- | M] () -- C:\Program Files\MT288B\chk_mt288b.exe
MOD - [2009/11/03 18:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/06/07 20:02:02 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/06/07 19:54:42 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3364.37101__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009/06/07 19:54:42 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3364.37179__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009/06/07 19:54:42 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3364.37083__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:42 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3364.37103__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009/06/07 19:54:42 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3364.37160__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:42 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3364.37091__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:42 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3364.37141__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:42 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3364.37097__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009/06/07 19:54:42 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3364.37128__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3364.37092__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:41 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3364.37146__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:41 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3364.37179__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:41 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3364.37180__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:41 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3364.37147__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009/06/07 19:54:41 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3364.37146__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:41 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3364.37178__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:40 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3364.37130__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:40 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3364.37092__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:40 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3364.37104__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:40 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3364.37124__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:40 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3364.37129__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:40 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3364.37155__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009/06/07 19:54:40 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3364.37140__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:40 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3364.37108__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2009/06/07 19:54:40 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3364.37103__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:40 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3364.37139__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009/06/07 19:54:40 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3364.37129__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:40 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3364.37128__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3364.37107__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3364.37129__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:40 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3364.37138__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:40 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3364.37140__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009/06/07 19:54:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009/06/07 19:54:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009/06/07 19:54:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009/06/07 19:54:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009/06/07 19:54:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009/06/07 19:54:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009/06/07 19:54:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009/06/07 19:54:40 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009/06/07 19:54:39 | 000,503,808 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3364.37207__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2009/06/07 19:54:39 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009/06/07 19:54:39 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009/06/07 19:54:39 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3364.37188__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009/06/07 19:54:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009/06/07 19:54:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009/06/07 19:54:39 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009/06/07 19:54:39 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009/06/07 19:54:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009/06/07 19:54:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009/06/07 19:54:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2009/06/07 19:54:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009/06/07 19:54:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009/06/07 19:54:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009/06/07 19:54:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009/06/07 19:54:39 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009/06/07 19:54:39 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009/06/07 19:54:39 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3364.37078__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009/06/07 19:54:38 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3364.37087__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009/06/07 19:54:38 | 000,544,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3364.37168__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009/06/07 19:54:38 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3364.37097__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009/06/07 19:54:38 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3364.37174__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009/06/07 19:54:38 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3364.37080__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009/06/07 19:54:38 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3364.37081__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009/06/07 19:54:38 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3364.37172__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009/06/07 19:54:38 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3364.37080__90ba9c70f846762e\APM.Server.dll
MOD - [2009/06/07 19:54:38 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3364.37082__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009/06/07 19:54:38 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009/06/07 19:54:38 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3364.37079__90ba9c70f846762e\AEM.Server.dll
MOD - [2009/06/07 19:54:38 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009/06/07 19:54:38 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009/06/07 19:54:38 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009/06/07 19:54:38 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009/06/07 19:54:38 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3364.37173__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009/06/07 19:54:38 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009/06/07 19:54:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009/06/07 19:54:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009/06/07 19:54:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009/06/07 19:54:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009/03/29 20:42:20 | 005,242,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2009/03/29 20:42:20 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009/03/18 22:16:10 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2009/02/02 19:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2009/01/26 16:56:58 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009/01/21 02:41:26 | 000,872,448 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/01/21 02:41:22 | 000,007,680 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
MOD - [2003/06/07 16:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll


========== Services (SafeList) ==========

SRV - [2014/09/04 07:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/09/02 14:55:26 | 000,034,244 | ---- | M] () [Auto | Stopped] -- C:\monitorsvc.exe -- (ProtectMonitor)
SRV - [2014/09/01 13:26:50 | 001,317,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Web Protect\MyOSProtect.exe -- (MyOSProtect)
SRV - [2012/02/28 16:38:59 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2012/02/28 16:38:56 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2009/07/09 15:21:14 | 000,078,104 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2009/04/01 23:06:02 | 000,054,528 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/02/06 14:07:06 | 000,653,856 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/01/16 13:53:30 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\XAudio32.dll -- (HsfXAudioService)
SRV - [2008/12/18 15:51:34 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008/10/27 14:05:28 | 000,306,736 | ---- | M] () [Auto | Running] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2014/09/01 13:29:16 | 000,019,840 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\pcwatch.sys -- (pcwatch)
DRV - [2014/03/22 17:58:18 | 000,226,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2012/02/28 16:39:03 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2012/02/28 16:39:02 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/04/16 21:41:43 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/04/16 21:41:13 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/03/18 23:06:28 | 004,386,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/02/20 21:10:00 | 000,153,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2009/01/16 13:53:32 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio32.sys -- (XAudio)
DRV - [2008/12/29 17:57:56 | 000,952,832 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/10/09 18:47:12 | 000,059,952 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2008/10/09 18:47:12 | 000,019,504 | ---- | M] (Egis Incorporated.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2008/10/09 18:47:12 | 000,016,432 | ---- | M] (Egis Incorporated.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2008/10/03 12:08:52 | 000,183,312 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008/09/03 23:12:56 | 000,223,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2008/05/28 19:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008/04/28 09:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2007/12/14 05:16:34 | 000,570,880 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vp32&d=0609&m=aspire_5536
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vp32&d=0609&m=aspire_5536
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?source...nputEncoding}&oe={outputEncoding}&rlz=1I7ACAW


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=2&o=vp32&d=0609&m=aspire_5536
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://snt146.mail.live.com/m/?id=64855&rru=inbox
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\..\SearchScopes,DefaultScope = {36377DD7-B3EB-42f5-986F-680BAF59BA9D}
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://mumbojumbo.start.iplay.com/searchresults.aspx?o=chrome&q={searchTerms}
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?source...tEncoding}&oe={outputEncoding}&rlz=1I7ACAW_en
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=INCpbo6vDbnljMIx618OQVWCcmo?q={searchTerms}
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\..\SearchScopes\{8E02D41C-5924-4816-9490-33CCD28BEB72}: "URL" = http://search.yahoo.com/search?ei=ISO-8859-1&fr=chr-vmn&type=egames3_0yach&q={searchTerms}
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:13896;https=127.0.0.1:13896


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{DBF02184-BE37-AA2C-02D9-AD2E681B62D4}: C:\Program Files\ver3TheBestDeals\179.xpi [2014/09/27 20:25:36 | 000,009,825 | ---- | M] ()


========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Jackie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Jackie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (eGames Toolbar) - {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - C:\Program Files\egamestoolbar\egamestoolbar.dll ()
O2 - BHO: (TheBestDeals) - {589547E8-2766-A93A-7F9F-9108E4F3E213} - C:\Program Files\ver3TheBestDeals\179.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files\iWin Games\iWinGamesHookIE.dll (iWin Inc.)
O2 - BHO: (Security Helper {A6BCD8FE-436D-4ad3-A5C5-A3DFCD61568A}) - {A6BCD8FE-436D-4ad3-A5C5-A3DFCD61568A} - C:\Program Files\egamestoolbar\auxi\egamesb.dll (Visicom Media)
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\2.0.1.55\oberontb.dll (Oberon Media Ltd.)
O3 - HKLM\..\Toolbar: (eGames Toolbar) - {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - C:\Program Files\egamestoolbar\egamestoolbar.dll ()
O3 - HKLM\..\Toolbar: (GamesBar) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\2.0.1.55\oberontb.dll (Oberon Media Ltd.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [chk_mt288b] C:\Program Files\MT288B\chk_mt288b.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (EgisTec Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000..\Run: [SearchEngineProtection] C:\Program Files\GamesBar\SearchEngineProtection.exe (Oberon Media )
O4 - Startup: C:\Users\Jackie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Orion.lnk = File not found
O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\MyOSProtect.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\MyOSProtect.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\MyOSProtect.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\MyOSProtect.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\MyOSProtect.dll ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\..Trusted Ranges: GD ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C4308C6-F5AC-4787-8FFD-291DB9F516F9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE94EDF1-DFB8-41FE-8487-377D83788E79}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jackie\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jackie\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk C:\
O33 - MountPoints2\{3bbc24ea-9eb9-11e2-8fbd-001f169e4239}\Shell - "" = AutoRun
O33 - MountPoints2\{3bbc24ea-9eb9-11e2-8fbd-001f169e4239}\Shell\AutoRun\command - "" = E:\TLBootstrap_WPP.exe
O33 - MountPoints2\{95edce26-77e0-11e3-a92e-001f169e4239}\Shell - "" = AutoRun
O33 - MountPoints2\{95edce26-77e0-11e3-a92e-001f169e4239}\Shell\AutoRun\command - "" = E:\VZW_Software_upgrade_assistant.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/02/27 08:50:16 | 000,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/02/27 08:50:16 | 000,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/02/27 08:29:21 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/27 07:59:16 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/27 07:59:16 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\TheBestDeals Update.job
[2015/02/27 07:58:58 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015/02/27 07:58:58 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015/02/27 07:58:54 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2015/02/27 07:58:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/02/27 07:58:37 | 2951,069,696 | -HS- | M] () -- C:\hiberfil.sys
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/09/27 20:22:44 | 000,019,840 | ---- | C] () -- C:\Windows\System32\drivers\pcwatch.sys
[2014/09/27 20:22:39 | 000,009,744 | ---- | C] () -- C:\Windows\System32\MyOSProtect.ini
[2014/09/27 20:22:39 | 000,002,312 | ---- | C] () -- C:\Windows\System32\MyOSProtectOff.ini
[2014/09/27 20:22:33 | 000,304,776 | ---- | C] () -- C:\Windows\System32\MyOSProtect.dll
[2014/03/22 18:40:57 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2014/03/22 18:38:51 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/04/09 21:18:49 | 000,018,440 | ---- | C] () -- C:\Users\Jackie\AppData\Local\slot1.mm1
[2010/06/28 21:36:52 | 000,000,680 | ---- | C] () -- C:\Users\Jackie\AppData\Local\d3d9caps.dat
[2010/03/28 18:59:27 | 000,006,144 | ---- | C] () -- C:\Users\Jackie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/12 00:18:21 | 000,000,306 | ---- | C] () -- C:\Users\Jackie\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 11:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/03/12 08:58:05 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2009/03/12 08:58:05 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2011/06/23 17:27:58 | 000,000,000 | -HSD | M] -- C:\Users\Jackie\AppData\Roaming\.#
[2011/01/14 22:38:14 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\20000Leagues
[2013/06/11 16:21:45 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\4 Friends Games
[2013/07/30 20:30:50 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Absolutist
[2009/09/13 00:10:49 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Acer
[2009/03/12 08:58:05 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Acer GameZone Console
[2010/01/31 22:45:30 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Aisle 5 Games, Inc
[2012/01/14 21:54:13 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Alawar
[2010/12/10 23:26:42 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Alawar Entertainment
[2013/01/27 20:43:46 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\AlawarEntertainment
[2014/03/23 17:29:00 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Argali
[2010/01/10 12:41:42 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Argonyt
[2013/07/08 19:56:05 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Artifex Mundi
[2013/03/04 19:42:57 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\ArtifexMundi
[2012/04/23 17:42:50 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Artogon
[2013/08/03 18:11:23 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Awem
[2012/12/09 23:39:37 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\AzuazGames
[2013/06/13 19:06:46 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Big Fish Games
[2010/03/13 23:19:04 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\BloodTies
[2013/04/08 22:09:44 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Blue Tea Games
[2011/08/11 20:47:30 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Boolat Games
[2014/01/09 21:14:48 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Boomzap
[2014/01/03 21:45:03 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Brabl
[2010/07/01 21:27:34 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\BrokenHearts
[2010/03/20 23:51:57 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\casanova
[2013/11/16 20:38:19 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Casual Box
[2013/12/25 13:43:58 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\casualArts
[2012/06/23 22:54:59 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Cat's Eye Games
[2012/12/30 21:59:13 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\cerasus.media
[2011/01/16 13:27:19 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Column of the Maya
[2013/04/03 19:57:04 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\DarkParablesBriarRoseSE_BFG
[2013/06/05 20:16:08 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Deep Shadows
[2010/06/21 21:49:29 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\eGames
[2013/12/28 17:59:00 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Elephant Games
[2010/03/13 21:37:12 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Enlightenus_Egames
[2013/09/15 19:34:41 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\ERS G-Studio
[2014/06/22 01:14:09 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\ERS Game Studios
[2011/03/28 19:38:53 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Flood Light Games
[2012/05/03 15:17:37 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Floodlight Games
[2010/08/25 20:01:51 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\ForgottenRiddles
[2011/12/20 22:07:21 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Freeze Tag
[2012/12/25 15:38:28 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Friday's games
[2012/04/14 21:52:25 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\funkitron
[2010/02/08 21:43:53 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Gaijin Ent
[2013/03/31 19:12:58 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\GameHouse
[2010/06/04 21:49:16 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\GameMill
[2013/02/17 10:40:02 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\GameMill Entertainment
[2012/02/20 17:39:35 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Gamers Digital
[2012/07/05 14:55:21 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\GamersDigital
[2010/04/18 13:35:34 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Games
[2010/05/12 22:42:57 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\GhostFleet
[2010/06/28 22:05:32 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Go-Go Gourmet Chef of the Year
[2014/01/01 19:29:05 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Gogii
[2010/06/21 20:25:18 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Gogii Games
[2010/04/01 20:05:55 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Gold Casual Games
[2013/05/14 21:47:36 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Green Clover Games
[2013/09/26 17:22:47 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\HdO Adventure
[2012/12/22 16:17:03 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\HSAS
[2011/01/16 13:27:49 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Immortal Lovers
[2011/02/13 20:11:37 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\iWin
[2014/04/26 09:49:30 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Jetsetter
[2009/09/13 00:10:49 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Leadertech
[2012/06/10 18:53:20 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\LegacyInteractive
[2012/12/06 19:01:20 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\margrave3
[2010/07/01 20:43:07 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Meridian93
[2010/07/01 21:08:42 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Merscom
[2011/12/20 22:08:41 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Moonstone Extras
[2011/12/29 23:58:34 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Mystery of Mortlake Mansion
[2010/10/22 20:49:02 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\MysteryStudio
[2010/01/04 21:19:06 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Mysteryville2
[2010/12/31 21:45:22 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Oberon Media
[2013/07/01 20:09:52 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Orneon
[2010/01/04 22:53:53 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Pirateville
[2013/07/26 20:19:17 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PlayFirst
[2013/10/10 19:51:25 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PlayPond
[2010/09/10 19:08:55 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PoBros
[2011/05/27 20:55:25 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PopCapv1000
[2010/06/02 20:52:38 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PopCapv1002
[2010/03/01 22:40:27 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PopCapv1003
[2011/03/27 20:27:22 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PopCapv1005
[2015/02/23 18:57:11 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PowerCinema
[2010/05/06 21:01:31 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Princess Isabella
[2011/11/13 20:12:36 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Roaming
[2011/01/16 13:28:35 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Robin Hood
[2010/06/14 21:39:43 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\RobinsonCrusoeOM
[2010/06/03 20:42:21 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\SecretIslandUSA
[2010/08/01 00:19:53 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\SerpentOfIsis
[2013/07/28 14:27:14 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\SMIGames
[2015/02/23 18:57:11 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\SoftDMA
[2013/01/24 21:26:40 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\SpinTop Games
[2010/06/16 16:14:44 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\SprillBermudeEng
[2010/08/03 20:50:38 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\SulusGames
[2014/03/23 17:54:55 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\tabagames
[2014/01/20 22:46:17 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Tap It Games
[2009/09/12 00:21:40 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Template
[2010/04/06 19:14:34 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\TitanicMystery
[2009/11/24 01:09:41 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\TMInc
[2011/06/23 18:30:49 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\TOMI2.THE GATES OF FATE
[2014/01/10 20:45:34 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Top Evidence
[2010/05/28 13:06:54 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\V-Games
[2010/02/19 20:09:48 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Valusoft
[2010/10/25 15:30:34 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\VampireSaga
[2013/02/03 19:34:24 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\VampireSagaHL
[2014/06/11 20:02:30 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Vast Studios
[2014/01/19 20:34:27 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\viking_saga_en
[2012/08/25 21:15:13 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\Viva Media
[2013/02/24 21:54:10 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\YoudaGames
[2009/12/31 00:31:09 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\ZEMNOTT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 192 bytes -> C:\ProgramData\Temp:65C4D44A
@Alternate Data Stream - 188 bytes -> C:\ProgramData\Temp6D084A5
@Alternate Data Stream - 184 bytes -> C:\ProgramData\Temp:BCFEA004
@Alternate Data Stream - 184 bytes -> C:\ProgramData\Temp:87A3A233
@Alternate Data Stream - 183 bytes -> C:\ProgramData\Temp:1A15E356
@Alternate Data Stream - 181 bytes -> C:\ProgramData\Temp:6EE8565A
@Alternate Data Stream - 177 bytes -> C:\ProgramData\Temp:F89F2593
@Alternate Data Stream - 177 bytes -> C:\ProgramData\Temp:CAC06C34
@Alternate Data Stream - 177 bytes -> C:\ProgramData\Temp:627153F1
@Alternate Data Stream - 173 bytes -> C:\ProgramData\Temp:B845F669
@Alternate Data Stream - 173 bytes -> C:\ProgramData\Temp:997DA6D7
@Alternate Data Stream - 173 bytes -> C:\ProgramData\Temp:54380FEC
@Alternate Data Stream - 173 bytes -> C:\ProgramData\Temp:0EC7A545
@Alternate Data Stream - 172 bytes -> C:\ProgramData\Temp48500F8
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:EEB25EAE
@Alternate Data Stream - 171 bytes -> C:\ProgramData\Temp:E8B61305
@Alternate Data Stream - 170 bytes -> C:\ProgramData\Temp:0F64164E
@Alternate Data Stream - 169 bytes -> C:\ProgramData\Temp:A88BE334
@Alternate Data Stream - 168 bytes -> C:\ProgramData\Temp:8BE7A048
@Alternate Data Stream - 168 bytes -> C:\ProgramData\Temp:5D351BC6
@Alternate Data Stream - 167 bytes -> C:\ProgramData\Temp:BE40C8A2
@Alternate Data Stream - 167 bytes -> C:\ProgramData\Temp:A7DA2BCD
@Alternate Data Stream - 166 bytes -> C:\ProgramData\Temp:FAFEC4B9
@Alternate Data Stream - 165 bytes -> C:\ProgramData\Temp:6CF828C2
@Alternate Data Stream - 163 bytes -> C:\ProgramData\Temp:9F3CEEE6
@Alternate Data Stream - 163 bytes -> C:\ProgramData\Temp:177313FB
@Alternate Data Stream - 161 bytes -> C:\ProgramData\Temp:8E5EA40F
@Alternate Data Stream - 157 bytes -> C:\ProgramData\Temp:FB4262DE
@Alternate Data Stream - 157 bytes -> C:\ProgramData\Temp:1ECED34B
@Alternate Data Stream - 156 bytes -> C:\ProgramData\Temp:B54E4B5A
@Alternate Data Stream - 156 bytes -> C:\ProgramData\Temp:9491C9C7
@Alternate Data Stream - 156 bytes -> C:\ProgramData\Temp:90D89144
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:AECF4772
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:C22674B6
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:737160C1
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:561B1D2B
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:260575F1
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:FAB64002
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:EDDBC69E
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:E51234A9
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:71612023
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:206470A5
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp31BE97C
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0AC32449
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:BB24555F
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:B203B914
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:9E22BBE8
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:131C0EE9
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:814B9485
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:E1982A23
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:35759C73
< End of report >

 

[joeponcho]

# AdwCleaner v4.111 - Logfile created 27/02/2015 at 09:26:35
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Local]
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Username : Jackie - JACKIE-PC
# Running from : E:\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : MyOSProtect
[#] Service Deleted : pcwatch
[#] Service Deleted : ProtectMonitor
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\2308189059
Folder Deleted : C:\ProgramData\GamesBar
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWin.com Games
Folder Deleted : C:\Program Files\Convesoft
Folder Deleted : C:\Program Files\GamesBar
Folder Deleted : C:\Program Files\Optimizer Pro
[!] Folder Deleted : C:\Program Files\Web Protect
Folder Deleted : C:\Program Files\iWin.com Games
Folder Deleted : C:\Program Files\ver3TheBestDeals
[!] Folder Deleted : C:\Users\Jackie\AppData\Local\Temp\11351
[!] Folder Deleted : C:\Users\Jackie\AppData\Local\Temp\11353
[!] Folder Deleted : C:\Users\Jackie\AppData\Local\Temp\116
[!] Folder Deleted : C:\Users\Jackie\AppData\Local\Temp\337
Folder Deleted : C:\Users\Jackie\AppData\Local\Temp\Klip Pal
Folder Deleted : C:\Users\Jackie\AppData\Roaming\iWin
Folder Deleted : C:\Users\Jackie\Documents\Optimizer Pro
File Deleted : C:\monitor.exe
File Deleted : C:\monitorsvc.exe
File Deleted : C:\Windows\system32\drivers\pcwatch.sys
File Deleted : C:\Windows\system32\MyOSProtect.dll
File Deleted : C:\Windows\system32\MyOSProtect.ini
File Deleted : C:\Windows\system32\MyOSProtectOff.ini
File Deleted : C:\Users\Jackie\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Jackie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Jackie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Jackie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
File Deleted : C:\Users\Jackie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
File Deleted : C:\Users\Jackie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\Jackie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage
***** [ Scheduled tasks ] *****
Task Deleted : RunAsStdUser Task
Task Deleted : TheBestDeals Update
***** [ Shortcuts ] *****

***** [ Registry ] *****
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchEngineProtection]
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.band
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.band.1
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO
Key Deleted : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{589547E8-2766-A93A-7F9F-9108E4F3E213}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD76633E-E50D-4844-9E7F-4DFBC7C18467}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{589547E8-2766-A93A-7F9F-9108E4F3E213}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A93C934-025B-4C3A-B38E-9654A7003239}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{589547E8-2766-A93A-7F9F-9108E4F3E213}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1A93C934-025B-4C3A-B38E-9654A7003239}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
Key Deleted : HKCU\Software\gamesbar
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\WebProtect
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\TheBestDeals
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\gamesbar
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\WebProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gamesbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BD304A0E-8388-0D1D-1B74-E71DCB5B922E
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\gamesbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BD304A0E-8388-0D1D-1B74-E71DCB5B922E
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:13896;hxxps=127.0.0.1:13896
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
***** [ Web browsers ] *****
-\\ Internet Explorer v7.0.6002.18005

-\\ Google Chrome v37.0.2062.124
[C:\Users\Jackie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Jackie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Jackie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.lakeside.com/catalog/search_results.jsp?_dyncharset=ISO-8859-1&question={searchTerms}&_D%3Aquestion=+&%2Fatg%2Fcommerce%2Fsearch%2FRootCategoryConstraint.value=catalog10004&_D%3A%2Fatg%2Fcommerce%2Fsearch%2FRootCategoryConstraint.value=+&%2Fatg%2Fcommerce%2Fsearch%2FSearchablePropertyConstraint.value=LS&_D%3A%2Fatg%2Fcommerce%2Fsearch%2FSearchablePropertyConstraint.value=+&%2Fatg%2Fcommerce%2Fsearch%2Fcatalog%2FQueryFormHandler.searchRequest.docSort=numprop&_D%3A%2Fatg%2Fcommerce%2Fsearch%2Fcatalog%2FQueryFormHandler.searchRequest.docSort=+&%2Fatg%2Fcommerce%2Fsearch%2Fcatalog%2FQueryFormHandler.searchRequest.docSortOrder=ascending&_D%3A%2Fatg%2Fcommerce%2Fsearch%2Fcatalog%2FQueryFormHandler.searchRequest.docSortOrder=+&%2Fatg%2Fcommerce%2Fsearch%2Fcatalog%2FQueryFormHandler.searchRequest.docSortProp=sortOrder&_D%3A%2Fatg%2Fcommerce%2Fsearch%2Fcatalog%2FQueryFormHandler.searchRequest.docSortProp=+&%2Fatg%2Fcommerce%2Fsearch%2Fcatalog%2FQueryFormHandler.search.x=37&%2Fatg%2Fcommerce%2Fsearch%2Fcatalog%2FQueryFormHandler.search.y=7&%2Fatg%2Fcommerce%2Fsearch%2Fcatalog%2FQueryFormHandler.search=search&_D%3A%2Fatg%2Fcommerce%2Fsearch%2Fcatalog%2FQueryFormHandler.search=+&_DARGS=%2Fcommon%2Fincludes%2Finc_header.jsp.basicSearch
*************************
AdwCleaner[R0].txt - [8593 bytes] - [27/02/2015 09:22:44]
AdwCleaner[S0].txt - [8728 bytes] - [27/02/2015 09:26:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8787 bytes] ##########

 

[askey127]

joeponcho,
You have a lot of adware on there.
I'm sure much of it has come in with the games, and without notice.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

Adobe Reader X
TheBestDeals
ffdshow
GamesBar 2.0.1.55
Web Protect for Windows

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
--------------------------------------------------------
Download and Install the newest version of Adobe Reader for reading pdf files
There are security vulnerabilities in earlier versions of both Reader and Acrobat Pro. All versions numbered lower than 11.0.10 are vulnerable.
Go HERE to download the Installer AdbeRdr11010_en_US.exe .
Save the file to your desktop and run it to install the latest version of Adobe Reader.
Always be careful to UNCHECK any offer for toolbars, helpers or other "partner" Free programs
After the new Reader is installed, Open Adobe Reader XI, as it is called, and OK the license.
Click on Edit and select Preferences.
On the Left, click on the Javascript category and Uncheck Enable Acrobat Javascript.
Click on the Security (Enhanced) category
Uncheck Automatically trust sites from my Win OS security zones, and under Protected View, click on Files from potentially unsafe locations.
Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
Click the OK button
When it asks if you are sure you want to make changes to Advanced Security Preferences, answer Yes.
When it finishes, you can remove the Installer from your desktop.

----------------------------------------------
Perform a Custom Fix with OTL
Right click OTL on your desktop, and choose "Run as administrator" to open it.

• In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):
  

  :Commands
  [CREATERESTOREPOINT]
  
  :OTL
  SRV - [2014/09/01 13:26:50 | 001,317,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Web Protect\MyOSProtect.exe -- (MyOSProtect)
  IE - HKU\S-1-5-21-3660296209-2728650480-3079945215-1000\..\SearchScopes\{8E02D41C-5924-4816-9490-33CCD28BEB72}: "URL" = http://search.yahoo.com/search?ei=IS...q={searchTerms}
  FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{DBF02184-BE37-AA2C-02D9-AD2E681B62D4}: C:\Program Files\ver3TheBestDeals\179.xpi [2014/09/27 20:25:36 | 000,009,825 | ---- | M] ()
  O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
  O2 - BHO: (TheBestDeals) - {589547E8-2766-A93A-7F9F-9108E4F3E213} - C:\Program Files\ver3TheBestDeals\179.dll File not found
  O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\2.0.1.55\oberontb.dll (Oberon Media Ltd.)
  O3 - HKLM\..\Toolbar: (GamesBar) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\2.0.1.55\oberontb.dll (Oberon Media Ltd.)
  O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
  [2011/05/27 20:55:25 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PopCapv1000
  [2010/06/02 20:52:38 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PopCapv1002
  [2010/03/01 22:40:27 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PopCapv1003
  [2011/03/27 20:27:22 | 000,000,000 | ---D | M] -- C:\Users\Jackie\AppData\Roaming\PopCapv1005
  
  :Files
  ipconfig /flushdns /c
  
  :Commands
  [emptyjava]
  [emptyflash] 
  [EMPTYTEMP]

• Then click the Run Fix button at the top. DO NOT CLICK Run Scan
• Let the program run unhindered, and click to allow the Reboot when it is done.
  When the computer Reboots, and you start your usual account, a Notepad text file will appear.
• That is the FIX log file. Copy the contents of that file and post it in your next reply.
  It will also be available and named by timestamp here: C:\_OTL\Moved Files\mmddyyyy_hhmmss.log

----------------------------------------------
After posting the Resulting log, Please Rescan as follows:
Open OTL again and click the Quick Scan button. Post the new log it produces, OTL.txt, in a separate reply.

askey127

 

[joeponcho]

I removed Adobe Reader X, ffdshow and Web Protect for Windows but I cannot find TheBestDeals or GamesBar 2.0.1.55. Should I look somewhere else, or should I just do the rest of your plan?

 

[joeponcho]

Also, the laptop wouldn't connect to the internet via wireless router, so I tried using an Ethernet cable but to no avail... Now every time I try to start up the laptop, Windows starts but shuts right down....
Any idea from there? thanks for all your help.....

 

[askey127]

jowponcho,
Nothing from normal Windows Uninstalls should cause any of that.
There may have been some system damage from the nasty adware.
There have been cases where it changed a lot more than the browser.
See if you can get into Safe Mode with Networking this way, and get the machine to run.
-----------------------------------------------------------
Start Your Computer in Safe Mode.
Reboot into Safe Mode by hitting the F8 key repeatedly as the machine boots, until a menu shows up. Choose Safe Mode with Networking from the list.
In some systems, this may be the F5 key, so try that if F8 doesn't work.
No matter what you read on the Internet or elsewhere, DO NOT FORCE A SAFE MODE BOOT BY EDITING MSCONFIG

askey127'

 

[joeponcho]

OK, I'll try that & report back... Thanks

 

[joeponcho]

I can't get connected even in "SAFEMODE." I'm at a loss, normally I use System Restore but it will not work. Any other solutions to getting connected before I resort to loading the Windows 7 Upgrade?