1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Won't restore slow start up and shut down

Discussion in 'Virus & Other Malware Removal' started by APPACHE, Aug 22, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. APPACHE

    APPACHE Thread Starter

    Joined:
    Jul 2, 2010
    Messages:
    71
    This is a acer aspire 4520 with vista windows.it takes along time to start and just about as long to shut down,also my system restore is failing I suspect a virus,but maybe not..I'll leave the answers to you and thank you very much..(y)

    I am getting ready to do the things required will post back.. :)
     
  2. APPACHE

    APPACHE Thread Starter

    Joined:
    Jul 2, 2010
    Messages:
    71
    HijackThis log

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:32:49 PM, on 8/22/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18943)
    Boot mode: Normal
    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\RtHDVCpl.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\System32\rundll32.exe
    C:\Users\tommy\AppData\Local\Temp\RtkBtMnt.exe
    C:\Windows\system32\DllHost.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    --
    End of file - 9905 bytes
     
  3. APPACHE

    APPACHE Thread Starter

    Joined:
    Jul 2, 2010
    Messages:
    71
    dds logs


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    DDS (Ver_10-03-17.01)
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 7/25/2010 4:29:20 PM
    System Uptime: 8/22/2010 7:19:42 PM (0 hours ago)
    Motherboard: Acer, Inc. | | Mono
    Processor: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-55 | Socket M2/S1G1 | 1800/133mhz
    ==== Disk Partitions =========================
    C: is FIXED (NTFS) - 51 GiB total, 21.974 GiB free.
    D: is FIXED (NTFS) - 51 GiB total, 45.978 GiB free.
    E: is CDROM ()
    ==== Disabled Device Manager Items =============
    ==== System Restore Points ===================

    ==== Installed Programs ======================
    Acer Arcade Deluxe
    Acer Assist
    Acer Crystal Eye webcam
    Acer eAudio Management
    Acer eDataSecurity Management
    Acer eLock Management
    Acer Empowering Technology
    Acer eNet Management
    Acer ePower Management
    Acer ePresentation Management
    Acer eSettings Management
    Acer GridVista
    Acer Mobility Center Plug-In
    Acer Registration
    Acer ScreenSaver
    Acer Tour
    Activation Assistant for the 2007 Microsoft Office suites
    Adobe Flash Player 10 ActiveX
    Adobe Reader 8.1.0
    Adobe Shockwave Player 11.5
    Advanced SystemCare 3
    Agere Systems HDA Modem
    AppCore
    AV
    Big Kahuna Reef 2
    Bricks of Egypt
    ccCommon
    Dell Driver Download Manager
    Dynasty
    Galapago
    Google Toolbar for Internet Explorer
    Google Update Helper
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Jewel Quest Solitaire
    Junk Mail filter update
    Launch Manager
    LightScribe 1.4.142.1
    LiveUpdate 3.2 (Symantec Corporation)
    LiveUpdate Notice (Symantec Corporation)
    Luxor 2
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office Live Add-in 1.5
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    MSRedist
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Mystery Case Files - Prime Suspects
    Mystery Case Files Ravenhearst
    Norton AntiVirus
    Norton Confidential Browser Component
    Norton Confidential Web Protection Component
    Norton Internet Security
    Norton Internet Security (Symantec Corporation)
    Norton Protection Center
    Norton Security Scan
    NTI Backup NOW! 4.7
    NTI CD & DVD-Maker
    NVIDIA Drivers
    OGA Notifier 2.0.0048.0
    Orion
    PowerProducer 3.72
    Realtek High Definition Audio Driver
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
    Security Update for 2007 Microsoft Office System (KB2277947)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for 2007 Microsoft Office System (KB982331)
    Security Update for Microsoft Office Excel 2007 (KB982308)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2251419)
    SPBBC 32bit
    Symantec Real Time Storage Protection Component
    SymNet
    Synaptics Pointing Device Driver
    Treasures of the Deep
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Winbond CIR Drivers
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Yahoo! Toolbar
    Zuma Deluxe
    ==== End Of File ===========================



    DDS (Ver_10-03-17.01) - NTFSx86
    Run by tommy at 19:55:33.82 on Sun 08/22/2010
    Internet Explorer: 8.0.6001.18943
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.766.143 [GMT -4:00]
    AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
    SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
    FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    ============== Running Processes ===============
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\agrsmsvc.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
    C:\Acer\Empowering Technology\eNet\eNet Service.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Acer\Mobility Center\MobilityService.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Users\tommy\AppData\Local\Temp\RtkBtMnt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\tommy\Desktop\dds.scr
    ============== Pseudo HJT Report ===============
    uSEARCH PAGE = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
    uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    mStart Page = hxxp://en.us.acer.yahoo.com
    mDefault_Page_URL = hxxp://en.us.acer.yahoo.com
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.0\NppBho.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\windows\system32\ActiveToolBand.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
    TB: Show Norton Toolbar: {90222687-f593-4738-b738-fbee9c7b26df} - c:\program files\common files\symantec shared\coshared\browser\1.0\UIBHO.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
    mRun: [osCheck] "c:\program files\norton internet security\osCheck.exe"
    mRun: [PLFSet] rundll32.exe c:\windows\PLFSet.dll,PLFDefSetting
    mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
    mRun: [Acer Product Registration] "c:\program files\acer registration\ACE1.exe" /startup
    mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    dRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    ============= SERVICES / DRIVERS ===============
    R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\idsdefs\20100811.001\IDSvix86.sys [2010-8-18 281648]
    R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\play movie\000.fcl [2010-7-25 13560]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-7-25 102448]
    R3 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2010-7-25 1251720]
    R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-8-3 38448]
    R3 winbondcir;Winbond IR Transceiver;c:\windows\system32\drivers\winbondcir.sys [2007-3-28 43008]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-30 135664]
    S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2010-7-27 21504]
    S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-7-28 54632]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    =============== Created Last 30 ================
    2010-08-22 23:10:06 0 d-----w- c:\program files\Trend Micro
    2010-08-12 04:17:58 2037760 ----a-w- c:\windows\system32\win32k.sys
    2010-08-12 04:17:55 36864 ----a-w- c:\windows\system32\rtutils.dll
    2010-08-12 04:17:46 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-08-12 04:17:45 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-08-12 04:16:58 1248768 ----a-w- c:\windows\system32\msxml3.dll
    2010-08-12 04:16:47 302080 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-08-12 04:16:46 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
    2010-08-12 04:16:36 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2010-08-11 12:44:58 0 d-----w- c:\programdata\IObit
    2010-08-09 21:46:33 0 d-----w- c:\users\tommy\appdata\roaming\IObit
    2010-08-09 21:46:32 0 d-----w- c:\program files\IObit
    2010-08-04 19:54:47 0 d-----w- c:\users\tommy\appdata\roaming\Malwarebytes
    2010-08-04 19:40:10 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-04 19:40:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-04 19:40:08 0 d-----w- c:\programdata\Malwarebytes
    2010-08-04 19:40:08 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-07-31 20:33:35 0 d-----w- c:\windows\system32\drivers\NSS
    2010-07-31 20:33:35 0 d-----w- c:\program files\Norton Security Scan
    2010-07-31 20:33:30 0 d-----w- c:\programdata\NortonInstaller
    2010-07-31 20:33:29 0 d-----w- c:\program files\NortonInstaller
    2010-07-31 17:32:13 0 d-----w- c:\windows\system32\Adobe
    2010-07-31 03:22:31 0 d-----w- c:\programdata\McAfee
    2010-07-30 23:14:53 0 d-----w- c:\programdata\Citrix
    2010-07-30 23:13:32 0 d-----w- c:\program files\Citrix
    2010-07-30 18:37:58 0 d-----w- c:\programdata\Google
    2010-07-30 15:24:31 0 d-----w- c:\windows\pss
    2010-07-29 06:20:17 0 d-----w- c:\program files\Windows Portable Devices
    2010-07-29 06:19:56 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
    2010-07-29 06:14:33 92672 ----a-w- c:\windows\system32\UIAnimation.dll
    2010-07-29 06:14:32 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
    2010-07-29 06:14:32 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
    2010-07-29 06:12:37 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
    2010-07-29 06:10:04 4096 ----a-w- c:\windows\system32\oleaccrc.dll
    2010-07-29 06:10:03 234496 ----a-w- c:\windows\system32\oleacc.dll
    2010-07-29 06:10:02 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
    2010-07-29 00:19:15 706 ----a-w- c:\windows\system32\drivers\COH_Mon.inf
    2010-07-29 00:19:15 23888 ----a-w- c:\windows\system32\drivers\COH_Mon.sys
    2010-07-29 00:19:15 10537 ----a-w- c:\windows\system32\drivers\COH_Mon.cat
    2010-07-28 17:20:55 0 d-----w- c:\programdata\Office Genuine Advantage
    2010-07-28 16:24:00 0 d-----w- c:\windows\system32\eu-ES
    2010-07-28 16:24:00 0 d-----w- c:\windows\system32\ca-ES
    2010-07-28 16:23:57 0 d-----w- c:\windows\system32\vi-VN
    2010-07-28 16:20:02 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
    2010-07-28 14:00:24 0 d-----w- c:\windows\system32\EventProviders
    2010-07-28 13:56:44 0 d-----w- c:\users\tommy\Tracing
    2010-07-28 13:41:13 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
    2010-07-28 13:39:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
    2010-07-28 13:38:57 0 d-----w- c:\program files\Microsoft SQL Server Compact Edition
    2010-07-28 13:37:06 0 d-----w- c:\program files\Microsoft
    2010-07-28 13:36:38 0 d-----w- c:\program files\Windows Live SkyDrive
    2010-07-28 10:59:56 0 d-----w- c:\program files\common files\Windows Live
    2010-07-28 10:59:41 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
    2010-07-28 10:59:13 1081344 ----a-w- c:\windows\system32\SLCExt.dll
    2010-07-28 10:59:12 3408896 ----a-w- c:\windows\system32\SLsvc.exe
    2010-07-28 10:58:57 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
    2010-07-28 10:58:57 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
    2010-07-28 10:58:43 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
    2010-07-28 10:58:30 1480704 ----a-w- c:\windows\system32\mssrch.dll
    2010-07-28 10:58:18 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
    2010-07-28 10:58:14 1576960 ----a-w- c:\windows\system32\tquery.dll
    2010-07-28 10:58:05 779136 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
    2010-07-28 10:58:03 561152 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
    2010-07-28 10:58:02 928768 ----a-w- c:\windows\system32\scavenge.dll
    2010-07-28 10:56:56 324608 ----a-w- c:\windows\system32\sdohlp.dll
    2010-07-28 10:55:59 88064 ----a-w- c:\windows\system32\fdBth.dll
    2010-07-28 10:54:59 627712 ----a-w- c:\windows\system32\user32.dll
    2010-07-28 10:53:58 73216 ----a-w- c:\windows\system32\msiexec.exe
    2010-07-28 10:52:59 759296 ----a-w- c:\windows\system32\ipsecsnp.dll
    2010-07-28 10:51:59 29696 ----a-w- c:\windows\system32\ifmon.dll
    2010-07-28 10:50:53 153 ----a-w- c:\windows\system32\RacUREx.xml
    2010-07-28 10:50:23 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
    2010-07-28 10:50:23 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
    2010-07-28 10:50:23 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
    2010-07-28 10:50:22 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll
    2010-07-28 10:50:22 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
    2010-07-28 10:50:22 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
    2010-07-28 10:50:22 265728 ----a-w- c:\windows\system32\wbem\esscli.dll
    2010-07-28 10:50:19 705536 ----a-w- c:\windows\system32\SmiEngine.dll
    2010-07-28 10:50:16 218624 ----a-w- c:\windows\system32\wdscore.dll
    2010-07-28 10:50:16 130560 ----a-w- c:\windows\system32\PkgMgr.exe
    2010-07-28 10:49:50 247808 ----a-w- c:\windows\system32\drvstore.dll
    2010-07-28 10:49:21 0 d-----w- c:\programdata\WindowsSearch
    2010-07-28 09:56:36 0 d-----w- c:\programdata\NVIDIA
    2010-07-28 09:40:13 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
    2010-07-28 09:40:09 11967524 ----a-w- c:\windows\system32\korwbrkr.lex
    2010-07-28 09:27:45 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
    2010-07-28 09:27:45 49472 ----a-w- c:\windows\system32\netfxperf.dll
    2010-07-28 09:27:45 297808 ----a-w- c:\windows\system32\mscoree.dll
    2010-07-28 09:27:45 295264 ----a-w- c:\windows\system32\PresentationHost.exe
    2010-07-28 09:27:44 1130824 ----a-w- c:\windows\system32\dfshim.dll
    2010-07-28 09:11:11 67072 ----a-w- c:\windows\system32\asycfilt.dll
    2010-07-28 09:11:01 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-07-28 09:10:22 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
    2010-07-28 09:10:22 1696256 ----a-w- c:\windows\system32\gameux.dll
    2010-07-28 09:10:20 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2010-07-28 09:10:16 420352 ----a-w- c:\windows\system32\vbscript.dll
    2010-07-28 09:10:08 738816 ----a-w- c:\windows\system32\inetcomm.dll
    2010-07-28 09:09:52 289792 ----a-w- c:\windows\system32\atmfd.dll
    2010-07-28 09:09:51 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-07-28 08:39:37 27839 ----a-w- c:\programdata\nvModes.dat
    2010-07-28 06:20:07 0 d-----w- C:\PerfLogs
    2010-07-28 03:10:06 705536 ----a-w- c:\windows\system32\imagesp1.dll
    2010-07-28 03:10:02 116736 ----a-w- c:\windows\system32\sstpsvc.dll
    2010-07-28 03:08:57 169472 ----a-w- c:\windows\system32\mssha.dll
    2010-07-28 03:07:59 71680 ----a-w- c:\windows\system32\msacm32.dll
    2010-07-28 03:06:59 95744 ----a-w- c:\windows\system32\xwtpw32.dll
    2010-07-28 03:05:59 8192 ----a-w- c:\windows\system32\drivers\mskssrv.sys
    2010-07-28 03:04:52 102400 ----a-w- c:\windows\system32\wbem\mofinstall.dll
    2010-07-28 03:04:51 357888 ----a-w- c:\windows\system32\wbemcomn.dll
    2010-07-28 03:04:46 129536 ----a-w- c:\windows\system32\sqmapi.dll
    2010-07-28 03:04:45 139264 ----a-w- c:\windows\system32\SmiInstaller.dll
    2010-07-28 03:04:21 35328 ----a-w- c:\windows\system32\mspatcha.dll
    2010-07-28 03:04:21 305152 ----a-w- c:\windows\system32\msdelta.dll
    2010-07-28 03:04:21 258560 ----a-w- c:\windows\system32\dpx.dll
    2010-07-28 03:04:12 6656 ----a-w- c:\windows\system32\kbd106.dll
    2010-07-28 02:45:41 57667 ----a-w- c:\windows\system32\ieuinit.inf
    2010-07-28 02:43:57 385024 ----a-w- c:\windows\system32\html.iec
    2010-07-28 02:43:56 45568 ----a-w- c:\windows\system32\mshta.exe
    2010-07-28 02:43:56 169472 ----a-w- c:\windows\system32\iexpress.exe
    2010-07-28 02:43:55 109568 ----a-w- c:\windows\system32\PDMSetup.exe
    2010-07-28 02:43:55 107520 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2010-07-28 02:43:55 107008 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2010-07-28 02:43:55 103936 ----a-w- c:\windows\system32\SetDepNx.exe
    2010-07-26 20:49:39 377344 ----a-w- c:\windows\system32\winhttp.dll
    2010-07-26 00:13:46 156672 ----a-w- c:\windows\system32\t2embed.dll
    2010-07-26 00:13:45 72704 ----a-w- c:\windows\system32\fontsub.dll
    2010-07-26 00:13:45 23552 ----a-w- c:\windows\system32\lpk.dll
    2010-07-26 00:13:45 10240 ----a-w- c:\windows\system32\dciman32.dll
    2010-07-26 00:07:19 61440 ----a-w- c:\windows\system32\winipsec.dll
    2010-07-26 00:07:19 272896 ----a-w- c:\windows\system32\polstore.dll
    2010-07-26 00:05:22 1820 ----a-w- c:\windows\system32\rasctrnm.h
    2010-07-26 00:03:48 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2010-07-25 23:59:43 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
    2010-07-25 23:59:43 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
    2010-07-25 23:59:43 17920 ----a-w- c:\windows\system32\netevent.dll
    2010-07-25 23:59:43 11264 ----a-w- c:\windows\system32\MRINFO.EXE
    2010-07-25 23:59:43 105984 ----a-w- c:\windows\system32\netiohlp.dll
    2010-07-25 23:59:42 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
    2010-07-25 23:59:42 19968 ----a-w- c:\windows\system32\ARP.EXE
    2010-07-25 23:59:42 17920 ----a-w- c:\windows\system32\ROUTE.EXE
    2010-07-25 23:59:42 10240 ----a-w- c:\windows\system32\finger.exe
    2010-07-25 23:53:05 127488 ----a-w- c:\windows\system32\L2SecHC.dll
    2010-07-25 23:53:04 2501921 ----a-w- c:\windows\system32\wlan.tmf
    2010-07-25 23:53:03 68096 ----a-w- c:\windows\system32\wlanhlp.dll
    2010-07-25 23:53:03 65024 ----a-w- c:\windows\system32\wlanapi.dll
    2010-07-25 23:53:03 513536 ----a-w- c:\windows\system32\wlansvc.dll
    2010-07-25 23:53:03 293376 ----a-w- c:\windows\system32\wlanmsm.dll
    2010-07-25 23:53:02 302592 ----a-w- c:\windows\system32\wlansec.dll
    2010-07-25 23:53:00 2334 ----a-w- c:\windows\system32\wbem\L2SecHC.mof
    2010-07-25 23:52:59 12880 ----a-w- c:\windows\system32\wbem\wlan.mof
    2010-07-25 23:52:58 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
    2010-07-25 23:50:19 1401856 ----a-w- c:\windows\system32\msxml6.dll
    2010-07-25 23:50:16 2048 ----a-w- c:\windows\system32\msxml3r.dll
    2010-07-25 23:50:15 2048 ----a-w- c:\windows\system32\msxml6r.dll
    2010-07-25 23:47:45 218624 ----a-w- c:\windows\system32\msv1_0.dll
    2010-07-25 23:45:34 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2010-07-25 23:45:34 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2010-07-25 23:45:34 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2010-07-25 23:43:08 98816 ----a-w- c:\windows\system32\mfps.dll
    2010-07-25 23:43:08 53248 ----a-w- c:\windows\system32\rrinstaller.exe
    2010-07-25 23:43:08 2868224 ----a-w- c:\windows\system32\mf.dll
    2010-07-25 23:43:08 2048 ----a-w- c:\windows\system32\mferror.dll
    2010-07-25 23:43:07 24576 ----a-w- c:\windows\system32\mfpmp.exe
    2010-07-25 23:35:13 71680 ----a-w- c:\windows\system32\atl.dll
    2010-07-25 23:27:07 160256 ----a-w- c:\windows\system32\wkssvc.dll
    2010-07-25 23:25:40 53248 ----a-w- c:\windows\system32\tsgqec.dll
    2010-07-25 23:25:40 136192 ----a-w- c:\windows\system32\aaclient.dll
    2010-07-25 23:25:39 2066432 ----a-w- c:\windows\system32\mstscax.dll
    2010-07-25 23:21:20 714240 ----a-w- c:\windows\system32\timedate.cpl
    2010-07-25 23:11:29 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
    2010-07-25 23:01:33 623616 ----a-w- c:\windows\system32\localspl.dll
    2010-07-25 22:55:43 8704 ----a-w- c:\windows\system32\hccoin.dll
    2010-07-25 22:55:43 15872 ----a-w- c:\windows\system32\hcrstco.dll
    2010-07-25 22:53:19 172032 ----a-w- c:\windows\system32\wintrust.dll
    2010-07-25 22:51:52 499712 ----a-w- c:\windows\system32\kerberos.dll
    2010-07-25 22:51:52 175104 ----a-w- c:\windows\system32\wdigest.dll
    2010-07-25 22:51:51 9728 ----a-w- c:\windows\system32\lsass.exe
    2010-07-25 22:51:51 72704 ----a-w- c:\windows\system32\secur32.dll
    2010-07-25 22:51:51 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2010-07-25 22:51:51 1259008 ----a-w- c:\windows\system32\lsasrv.dll
    2010-07-25 22:51:48 13780 ----a-w- c:\windows\system32\wbem\lsasrv.mof
    2010-07-25 22:46:59 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
    2010-07-25 22:40:46 6656 ----a-w- c:\windows\system32\kbd106n.dll
    2010-07-25 22:36:21 62464 ----a-w- c:\windows\system32\l3codeca.acm
    2010-07-25 22:36:21 220672 ----a-w- c:\windows\system32\l3codecp.acm
    2010-07-25 22:33:53 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
    2010-07-25 22:33:52 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
    2010-07-25 22:33:52 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
    2010-07-25 22:33:51 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
    2010-07-25 22:33:50 814 ----a-w- c:\windows\system32\wbem\WFP.MOF
    2010-07-25 22:27:49 98304 ----a-w- c:\windows\system32\cabview.dll
    2010-07-25 22:24:14 37888 ----a-w- c:\windows\system32\printcom.dll
    2010-07-25 22:21:00 14848 ----a-w- c:\windows\system32\wshrm.dll
    2010-07-25 22:19:15 43520 ----a-w- c:\windows\system32\msdxm.tlb
    2010-07-25 22:19:15 313344 ----a-w- c:\windows\system32\wmpdxm.dll
    2010-07-25 22:19:15 18432 ----a-w- c:\windows\system32\amcompat.tlb
    2010-07-25 22:17:15 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
    2010-07-25 22:17:15 332288 ----a-w- c:\windows\system32\msdrm.dll
    2010-07-25 22:17:15 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
    2010-07-25 22:17:14 518144 ----a-w- c:\windows\system32\RMActivate.exe
    2010-07-25 22:17:14 471552 ----a-w- c:\windows\system32\secproc.dll
    2010-07-25 22:17:14 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
    2010-07-25 22:17:14 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
    2010-07-25 22:17:13 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
    2010-07-25 22:17:13 471552 ----a-w- c:\windows\system32\secproc_isv.dll
    2010-07-25 21:38:14 49152 ----a-w- c:\windows\ocsetup_cbs_install_NetFx3.perf
    2010-07-25 21:38:14 16384 ----a-w- c:\windows\ocsetup_cbs_install_NetFx3.dpx
    2010-07-25 21:38:13 32718848 ----a-w- c:\windows\ocsetup_install_NetFx3.etl
    2010-07-25 21:14:33 84480 ----a-w- c:\windows\system32\INETRES.dll
    2010-07-25 21:14:12 60928 ----a-w- c:\windows\system32\msasn1.dll
    2010-07-25 21:13:28 784896 ----a-w- c:\windows\system32\rpcrt4.dll
    2010-07-25 21:12:37 411648 ----a-w- c:\windows\system32\drivers\http.sys
    2010-07-25 21:12:37 30720 ----a-w- c:\windows\system32\httpapi.dll
    2010-07-25 21:12:37 24064 ----a-w- c:\windows\system32\nshhttp.dll
    2010-07-25 21:10:10 243712 ----a-w- c:\windows\system32\rastls.dll
    2010-07-25 21:09:47 355328 ----a-w- c:\windows\system32\WSDApi.dll
    2010-07-25 21:08:58 0 d-----w- c:\program files\MSXML 4.0
    2010-07-25 21:07:26 91136 ----a-w- c:\windows\system32\avifil32.dll
    2010-07-25 21:07:26 82944 ----a-w- c:\windows\system32\mciavi32.dll
    2010-07-25 21:07:26 65024 ----a-w- c:\windows\system32\avicap32.dll
    2010-07-25 21:07:26 31744 ----a-w- c:\windows\system32\msvidc32.dll
    2010-07-25 21:07:26 123904 ----a-w- c:\windows\system32\msvfw32.dll
    2010-07-25 21:07:25 13312 ----a-w- c:\windows\system32\msrle32.dll
    2010-07-25 21:07:25 1314816 ----a-w- c:\windows\system32\quartz.dll
    2010-07-25 21:07:24 50176 ----a-w- c:\windows\system32\iyuv_32.dll
    2010-07-25 21:07:24 22528 ----a-w- c:\windows\system32\msyuv.dll
    2010-07-25 21:07:24 12288 ----a-w- c:\windows\system32\tsbyuv.dll
    2010-07-25 21:06:24 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
    2010-07-25 21:05:43 310784 ----a-w- c:\windows\system32\unregmp2.exe
    2010-07-25 21:05:42 8147456 ----a-w- c:\windows\system32\wmploc.DLL
    2010-07-25 21:05:41 7680 ----a-w- c:\windows\system32\spwmp.dll
    2010-07-25 21:05:40 4096 ----a-w- c:\windows\system32\msdxm.ocx
    2010-07-25 21:05:40 4096 ----a-w- c:\windows\system32\dxmasf.dll
    2010-07-25 20:48:09 40960 ------w- C:\junction.exe
    2010-07-25 20:47:17 1706800 ----a-w- c:\windows\system32\gdiplus.dll
    2010-07-25 20:44:38 83 ----a-w- c:\windows\QtZgAcer.UNI
    2010-07-25 20:44:35 0 d-----w- c:\program files\Launch Manager
    2010-07-25 20:41:39 0 d-sh--w- C:\$RECYCLE.BIN
    2010-07-25 20:40:11 45568 ----a-w- c:\windows\system32\drivers\rimmptsk.sys
    2010-07-25 20:40:11 43008 ----a-w- c:\windows\system32\drivers\rimsptsk.sys
    2010-07-25 20:40:11 38400 ----a-w- c:\windows\system32\drivers\rixdptsk.sys
    2010-07-25 20:40:11 172032 ----a-w- c:\windows\system32\rixdicon.dll
    2010-07-25 20:39:10 83554304 ----a-w- c:\windows\system32\acer.scr
    2010-07-25 20:38:56 40368034 ----a-w- c:\windows\system32\acer.exe
    2010-07-25 20:38:51 0 d-----w- c:\program files\Acer Inc
    2010-07-25 20:38:47 0 d-----w- c:\windows\ACER
    2010-07-25 20:37:44 0 d-----w- c:\program files\Yahoo!
    2010-07-25 20:28:59 0 d-----w- C:\Convesoft
    2010-07-25 20:28:26 0 d-----w- c:\program files\SUYIN
    2010-07-25 20:28:26 0 d-----w- c:\program files\ACER Crystal Eye webcam
    2010-07-25 20:27:51 0 d-----w- c:\windows\SUYIN NB Cam
    2010-07-25 20:27:50 53248 ----a-w- c:\windows\system32\csnp2uvc.dll
    2010-07-25 20:27:50 286720 ----a-w- c:\windows\system32\vsnp2uvc.dll
    2010-07-25 20:27:50 172032 ----a-w- c:\windows\system32\rsnp2uvc.dll
    2010-07-25 20:27:50 0 d-----w- c:\program files\common files\snp2uvc
    2010-07-25 19:10:26 16 ----a-w- c:\windows\system32\coh.cache
    2010-07-25 19:03:25 0 ----a-w- c:\windows\WinInit.ini
    2010-07-25 18:59:51 0 d-----w- c:\programdata\Norton
    2010-07-25 18:36:57 92 ----a-w- c:\windows\GridV.UNI
    2010-07-25 18:36:57 0 d-----w- c:\program files\Vic512WA
    2010-07-25 18:35:45 0 d-----w- c:\users\tommy\appdata\roaming\Acer
    2010-07-25 18:29:31 552 ----a-w- c:\windows\system32\setup.iss
    2010-07-25 18:29:31 327680 ----a-w- c:\windows\system32\Remove_eRecovery.exe
    2010-07-25 18:29:31 16384 ----a-w- c:\windows\system32\LauncheRyAgentUser.exe
    2010-07-25 18:29:31 16384 ----a-w- c:\windows\system32\ClearEvent.exe
    2010-07-25 18:29:30 368640 ----a-w- c:\windows\system32\CheckD2DSystem.exe
    2010-07-25 18:28:55 0 d-----w- c:\program files\Acer Assist
    2010-07-25 18:28:53 0 d-----w- c:\program files\Acer Registration
    2010-07-25 18:04:19 2421760 ----a-w- c:\windows\system32\wucltux.dll
    2010-07-25 18:03:40 87552 ----a-w- c:\windows\system32\wudriver.dll
    2010-07-25 18:03:08 33792 ----a-w- c:\windows\system32\wuapp.exe
    2010-07-25 18:03:08 171608 ----a-w- c:\windows\system32\wuwebv.dll
    ==================== Find3M ====================
    2010-07-29 06:20:07 665600 ----a-w- c:\windows\inf\drvindex.dat
    2010-07-29 06:20:07 51200 ----a-w- c:\windows\inf\infpub.dat
    2010-07-29 06:20:07 143360 ----a-w- c:\windows\inf\infstrng.dat
    2010-07-29 06:20:07 143360 ----a-w- c:\windows\inf\infstor.dat
    2010-07-28 16:01:27 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
    2010-07-28 06:37:14 174 --sha-w- c:\program files\desktop.ini
    2010-07-28 05:17:30 101888 ----a-w- c:\windows\system32\ifxcardm.dll
    2010-07-28 05:17:11 82432 ----a-w- c:\windows\system32\axaltocm.dll
    2010-07-25 22:46:59 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
    2010-07-25 21:04:02 16710176 ----a-w- c:\windows\fonts\meiryo.ttc
    2010-07-25 21:03:56 17159388 ----a-w- c:\windows\fonts\meiryob.ttc
    2010-07-25 19:01:24 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
    2010-07-25 19:01:24 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2010-07-25 19:01:24 10635 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
    2010-06-26 06:05:49 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-06-26 06:02:15 71680 ----a-w- c:\windows\system32\iesetup.dll
    2010-06-26 06:02:15 109056 ----a-w- c:\windows\system32\iesysprep.dll
    2010-06-26 04:25:02 133632 ----a-w- c:\windows\system32\ieUnatt.exe
    2010-06-11 16:16:20 274944 ----a-w- c:\windows\system32\schannel.dll
    2010-05-27 20:08:17 81920 ----a-w- c:\windows\system32\iccvid.dll
    2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    ============= FINISH: 19:57:58.14 ===============
     
  4. APPACHE

    APPACHE Thread Starter

    Joined:
    Jul 2, 2010
    Messages:
    71
    Gmer would not respond,I don't no how to turn his norton security off either.I hope this is a good start.
     
  5. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,793
    Replying to this, but will look when I get to work (setting off in a min)

    :)
     
  6. APPACHE

    APPACHE Thread Starter

    Joined:
    Jul 2, 2010
    Messages:
    71
    thank you Eddie,just to let you no,,I don't no much about vista and how to,so bare with me :))
     
  7. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,793
    It can be a little harder to check, as some of the common tools won't work on Vista :(

    Now, can't see much jumping out, so lets look deeper ;)

    Download OTL to your Desktop
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • OTL should now start. Change the following settings
      • Change Drivers to All
      • Change Standard Registry to All
      • Under File Scans, change File age to 30
    • Under the Custom Scan box paste this in

      netsvcs
      %SYSTEMDRIVE%\*.*
      /md5start
      eventlog.dll
      scecli.dll
      netlogon.dll
      cngaudit.dll
      sceclt.dll
      ntelogon.dll
      logevent.dll
      iaStor.sys
      nvstor.sys
      atapi.sys
      IdeChnDr.sys
      viasraid.sys
      AGP440.sys
      vaxscsi.sys
      nvatabus.sys
      viamraid.sys
      nvata.sys
      nvgts.sys
      iastorv.sys
      ViPrt.sys
      eNetHook.dll
      ahcix86.sys
      KR10N.sys
      nvstor32.sys
      ahcix86s.sys
      nvrd32.sys
      svchost.exe
      /md5stop
      %systemroot%\*. /mp /s
      CREATERESTOREPOINT
      %systemroot%\System32\config\*.sav
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles

    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt (first run only). These are saved in the same location as OTL.
      • Please post the contents of these files in your next reply.

    eddie
     
  8. APPACHE

    APPACHE Thread Starter

    Joined:
    Jul 2, 2010
    Messages:
    71
  9. APPACHE

    APPACHE Thread Starter

    Joined:
    Jul 2, 2010
    Messages:
    71
    I can not post the logs
    503 Server Error
     
  10. APPACHE

    APPACHE Thread Starter

    Joined:
    Jul 2, 2010
    Messages:
    71
    I am trying to zip it now
    OTL Extras logfile created on: 8/24/2010 1:47:50 PM - Run 1
    OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\tommy\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18943)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    766.00 Mb Total Physical Memory | 213.00 Mb Available Physical Memory | 28.00% Memory free
    2.00 Gb Paging File | 1.00 Gb Available in Paging File | 53.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 51.14 Gb Total Space | 19.48 Gb Free Space | 38.08% Space Free | Partition Type: NTFS
    Drive D: | 50.89 Gb Total Space | 45.98 Gb Free Space | 90.36% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: TOMMY-PC
    Current User Name: tommy
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UacDisableNotify" = 1
    "InternetSettingsDisableNotify" = 1
    "AutoUpdateDisableNotify" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{036A3F25-A1DA-4BBD-A117-C1C9E49A5633}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{3F989F72-3D2B-4F9B-BA7F-C215AC8E3F63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{000D03AE-8A59-4ACF-B5A3-6DE8F6DF813C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{04A912FC-B03E-4C92-94C0-70FB8168FFC7}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe |
    "{0D64D28C-20E1-427A-8A24-07B5321644EA}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
    "{1500FA78-5012-4AA2-8186-3E4E713E2124}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe |
    "{1C664631-489C-423D-BE0B-5A7C9C859702}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe |
    "{39017BD4-E911-4E78-9D54-0C57D742BF2E}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe |
    "{690F9576-D658-4DF0-8EEA-7C13D04A71D0}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe |
    "{6E3B8E31-3EB1-42AE-AD73-CB3CEF4D2C89}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
    "{78C29960-87F2-4185-AE03-52C4812DB4F8}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
    "{B924930E-EF04-41B7-82D8-998D82D5FB3E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{C0C8F477-2F0F-4A57-95AA-CB8D57CC8297}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
    "{FB498B97-BD1A-4DA6-9653-5499B54E5B02}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{047D47E3-7275-4B6E-AE56-63CA6BB2EA6D}" = Winbond CIR Drivers
    "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
    "{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
    "{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
    "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
    "{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
    "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{29040E10-A813-476E-A5DD-AD74AA4D1F36}" = SymNet
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
    "{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye webcam
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
    "{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
    "{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
    "{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
    "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
    "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
    "{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
    "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
    "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111263673}" = Treasures of the Deep
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111271497}" = Mystery Case Files - Prime Suspects
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111310630}" = Big Kahuna Reef 2
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
    "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = Mystery Case Files Ravenhearst
    "{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
    "{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
    "{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
    "{A3B105C6-17CE-436F-8AE0-A0BF2853C4D0}" = Symantec Real Time Storage Protection Component
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AA047D7C-5E7C-4878-B75C-77589151B563}" = Acer Crystal Eye webcam
    "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
    "{AC1ACE88-C471-494E-B5FA-0B7C21F22E4F}" = Orion
    "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
    "{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
    "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
    "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer 3.72
    "{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
    "{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
    "{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
    "{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
    "{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
    "{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
    "{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
    "{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
    "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
    "{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
    "{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
    "{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
    "{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
    "Acer Assist" = Acer Assist
    "Acer Registration" = Acer Registration
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "Advanced SystemCare 3_is1" = Advanced SystemCare 3
    "Agere Systems Soft Modem" = Agere Systems HDA Modem
    "GridVista" = Acer GridVista
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
    "InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
    "LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
    "LManager" = Launch Manager
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "NSS" = Norton Security Scan
    "NVIDIA Drivers" = NVIDIA Drivers
    "SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "Yahoo! Companion" = Yahoo! Toolbar
    "Yahoo! Toolbar" = Yahoo! Toolbar

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "f031ef6ac137efc5" = Dell Driver Download Manager

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 8/16/2010 10:07:12 PM | Computer Name = tommy-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
    Description = Information Level: error Initialization of the COM subsystem failed.
    Error code: 0x8007041D

    Error - 8/17/2010 3:00:13 PM | Computer Name = tommy-PC | Source = EventSystem | ID = 4609
    Description =

    Error - 8/20/2010 1:55:36 PM | Computer Name = tommy-PC | Source = System Restore | ID = 8209
    Description =

    Error - 8/20/2010 2:37:11 PM | Computer Name = tommy-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
    Description = Information Level: error Initialization of the COM subsystem failed.
    Error code: 0x8007041D

    Error - 8/20/2010 2:38:24 PM | Computer Name = tommy-PC | Source = Windows Search Service | ID = 3013
    Description =

    Error - 8/20/2010 2:38:35 PM | Computer Name = tommy-PC | Source = Windows Search Service | ID = 3013
    Description =

    Error - 8/20/2010 2:38:38 PM | Computer Name = tommy-PC | Source = Windows Search Service | ID = 3013
    Description =

    Error - 8/20/2010 2:53:16 PM | Computer Name = tommy-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
    Description = Information Level: error Initialization of the COM subsystem failed.
    Error code: 0x8007041D

    Error - 8/22/2010 8:13:27 PM | Computer Name = tommy-PC | Source = Perflib | ID = 1010
    Description =

    Error - 8/22/2010 8:20:39 PM | Computer Name = tommy-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
    Description = Information Level: error Initialization of the COM subsystem failed.
    Error code: 0x8007041D

    [ System Events ]
    Error - 7/27/2010 11:44:26 PM | Computer Name = tommy-PC | Source = ACPI | ID = 327686
    Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
    14, function 0. Please contact your system vendor for technical assistance.

    Error - 7/27/2010 11:44:26 PM | Computer Name = tommy-PC | Source = ACPI | ID = 327686
    Description = IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot
    12, function 0. Please contact your system vendor for technical assistance.

    Error - 7/27/2010 11:44:46 PM | Computer Name = tommy-PC | Source = Microsoft-Windows-Kernel-WHEA | ID = 6
    Description =

    Error - 7/28/2010 12:58:25 AM | Computer Name = tommy-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 12:56:02 AM on 7/28/2010 was unexpected.

    Error - 7/28/2010 12:59:15 AM | Computer Name = tommy-PC | Source = Service Control Manager | ID = 7000
    Description =


    < End of report >
     

    Attached Files:

  11. APPACHE

    APPACHE Thread Starter

    Joined:
    Jul 2, 2010
    Messages:
    71
    i got one posted the other one must be to big so i zipped it thank you
     
  12. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,793
    Thanks, will look at them now :)
     
  13. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,793
    Please run OTL.exe
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      [2010/08/11 08:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
      [2010/08/09 17:46:33 | 000,000,000 | ---D | C] -- C:\Users\tommy\AppData\Roaming\IObit
      [2010/08/09 17:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
      :Commands
      [purity]
      [emptytemp]
      [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot when it is done
    • It will produce a log for you on reboot, please post that log in your next reply.

    eddie
     
  14. APPACHE

    APPACHE Thread Starter

    Joined:
    Jul 2, 2010
    Messages:
    71
    will do,sorry I didn't get a e-mail that you responded to the thread..will do at lunch ty
     
  15. APPACHE

    APPACHE Thread Starter

    Joined:
    Jul 2, 2010
    Messages:
    71
    All processes killed
    ========== OTL ==========
    C:\ProgramData\IObit\Advanced SystemCare folder moved successfully.
    C:\ProgramData\IObit folder moved successfully.
    C:\Users\tommy\AppData\Roaming\IObit\Advanced SystemCare\Backup\Registry folder moved successfully.
    C:\Users\tommy\AppData\Roaming\IObit\Advanced SystemCare\Backup folder moved successfully.
    C:\Users\tommy\AppData\Roaming\IObit\Advanced SystemCare folder moved successfully.
    C:\Users\tommy\AppData\Roaming\IObit folder moved successfully.
    C:\Program Files\IObit\Advanced SystemCare 3\Update folder moved successfully.
    C:\Program Files\IObit\Advanced SystemCare 3\Skin\White folder moved successfully.
    C:\Program Files\IObit\Advanced SystemCare 3\Skin\Black folder moved successfully.
    C:\Program Files\IObit\Advanced SystemCare 3\Skin folder moved successfully.
    C:\Program Files\IObit\Advanced SystemCare 3\News\Css folder moved successfully.
    C:\Program Files\IObit\Advanced SystemCare 3\News folder moved successfully.
    C:\Program Files\IObit\Advanced SystemCare 3\Language folder moved successfully.
    C:\Program Files\IObit\Advanced SystemCare 3\Images folder moved successfully.
    C:\Program Files\IObit\Advanced SystemCare 3\Backup folder moved successfully.
    C:\Program Files\IObit\Advanced SystemCare 3 folder moved successfully.
    C:\Program Files\IObit folder moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    User: tommy
    ->Temp folder emptied: 39178181 bytes
    ->Temporary Internet Files folder emptied: 12038697 bytes
    ->Flash cache emptied: 1416 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 65025 bytes
    RecycleBin emptied: 3346624 bytes

    Total Files Cleaned = 52.00 mb


    OTL by OldTimer - Version 3.2.11.0 log created on 08302010_124213
    Files\Folders moved on Reboot...
    Registry entries deleted on Reboot...
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/944966