Author Topic: Internet problem (Read 1386 times)

nerwnas · « **on:** July 02, 2009, 01:06:37 PM »

Good afternoon

My notebook is Acer 8930G and my network adapter is an Atheros AR8121/AR8113/AR8114 and i used to have as a wired router a Dlink 524T, which i changed with a Netgear DG834 during my many attempts to resolve in vain my internet problems as i did with my ethernet cables.

About a week ago,suddenly my notebook ceased to have any internet connection and my status varied from local only to limited connectivity while both the green and orange lights on the adapter came and went continiously.
After a casual scan with Malwarebytez antispyware,it turned out that i had 9 infections from the trojan BHO.After innumerable efforts and formats,i somehow cleaned(so it seems without being 100% certain) my PC.The only thing is that the problem persists with the connection,while two other computers that share the network with me didn't have any problems whatsoever.

Is it possible that my ethernet card was damaged by the trojan?If anyone could help me out or at least enlighten me,i would be much obliged!!!!

Thanks in advance

guestolo · « **Reply #1 on:** July 02, 2009, 09:52:46 PM »

Hi nerwnas
I'm going to lock your other topic you started, let's stick with this one please
Since you have access to another computer
The below instructions, can you transfer OTL to the desktop of the computer offline
And transfer the logs I need back here to a computer online

Can you do the following

Download [color=\"#FF0000\"]OTL[/color] to your desktop.
Right click on the icon and choose to "Run As Administrator" to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

NOTE: If you do have problems posting those 2 logs back, please Upload them in a reply
With the Browse... UPLOAD buttons

In addition: Can I see that log from Malwarebytes AntiMalware
Open MBAM>>Open LOGS tab
Double click on the log that you ran
Save a copy to your desktop, then transfer it back here please

nerwnas · « **Reply #2 on:** July 03, 2009, 06:14:44 AM »

[quote name=\'guestolo\' post=\'463812\' date=\'Jul 3 2009, 04:52 AM\']Hi nerwnas
I'm going to lock your other topic you started, let's stick with this one please
Since you have access to another computer
The below instructions, can you transfer OTL to the desktop of the computer offline
And transfer the logs I need back here to a computer online

Can you do the following

Download [color=\"#ff0000\"]OTL[/color] to your desktop.
Right click on the icon and choose to "Run As Administrator" to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

NOTE: If you do have problems posting those 2 logs back, please Upload them in a reply
With the Browse... UPLOAD buttons

In addition: Can I see that log from Malwarebytes AntiMalware
Open MBAM>>Open LOGS tab
Double click on the log that you ran
Save a copy to your desktop, then transfer it back here please[/quote]

Thanks for the quick reply!

When the problem first appeared,i was running Windows Vista Home Premium offered with my Acer notebook and MBA showed 9 infections,2 of which were partner.exe and partner.dll that were located in c:/programdata/partner and 7 registry infections.I tried 2-3 times running the Acer recovery backup
situated at a hidden partition on my hard disk after i cleaned them with Mba and after running a new scan were everything was ok but without restoring the internet connection.I then realised that these infections came from Acer itself as Internet explorer had attached a toolbar where Partner BHO ran.

So i had to buy another copy of Windows Vista Ultimate x32 and in the process of formatting i lost all the logs of MBA.

I did what you asked and here are the logs:

OTL logfile created on: 3/7/2009 12:56:38 Î¼Î¼ - Run 1
OTL by OldTimer - Version 3.0.6.3 Folder = C:\Users\Nektarios\Desktop
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000408 | Country: Î•Î»Î»Î¬Î´Î± | Language: ELL | Date Format: d/M/yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 126,76 Gb Free Space | 88,00% Space Free | Partition Type: NTFS
Drive D: | 154,05 Gb Total Space | 153,95 Gb Free Space | 99,94% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NEKTARIOS-PC
Current User Name: Nektarios
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=\"#E56717\"]========== Processes (SafeList) ==========[/color]

PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
PRC - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe ()
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
PRC - C:\Program Files\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
PRC - C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Users\Nektarios\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files\Acer\Acer VCM\acp2HID.exe (Acer Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics, Inc.)
PRC - C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Users\Nektarios\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\wbem\WMIADAP.EXE (Microsoft Corporation)

[color=\"#E56717\"]========== Win32 Services (SafeList) ==========[/color]

SRV - (AgereModemAudio [Auto | Running]) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (btwdins [Auto | Running]) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (BUNAgentSvc [Auto | Running]) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (CLHNService [Auto | Running]) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (eDataSecurity Service [Auto | Running]) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Running]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (ETService [Auto | Running]) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (Eventlog [Auto | Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (IAANTMON [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (IGBASVC [Auto | Running]) -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe ()
SRV - (LightScribeService [Auto | Running]) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (MobilityService [Auto | Running]) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NTIBackupSvc [Auto | Running]) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc [Auto | Running]) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (nvsvc [Auto | Running]) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV - (RS_Service [Auto | Running]) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (vfsFPService [Auto | Running]) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

[color=\"#E56717\"]========== Driver Services (SafeList) ==========[/color]

DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (AgereSoftModem [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\AGRSM.sys (Agere Systems)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (AlfaFF [Boot | Running]) -- C:\Windows\system32\Drivers\AlfaFF.sys (Alfa Corporation)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (btwaudio [On_Demand | Stopped]) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwavdt [On_Demand | Stopped]) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwrchid [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\btwrchid.sys (Broadcom Corporation.)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (DKbFltr [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\DKbFltr.sys (Dritek System Inc.)
DRV - (DritekPortIO [System | Running]) -- C:\Program Files\Launch Manager\DPortIO.sys (Dritek System Inc.)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (iaStor [Boot | Running]) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (int15 [Auto | Running]) -- C:\Windows\System32\drivers\int15.sys ()
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (itecir [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\itecir.sys (ITE Tech. Inc. )
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (L1E [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (NETw5v32 [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\NETw5v32.sys (Intel Corporation)
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (NTIDrvr [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (NTIPPKernel [Auto | Running]) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (nvlddmkm [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (PSDFilter [Boot | Running]) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (PSDNServ [Auto | Running]) -- C:\Windows\System32\DRIVERS\PSDNServ.sys (Egis Incorporated)
DRV - (psdvdisk [Auto | Running]) -- C:\Windows\System32\DRIVERS\PSDVdisk.sys (Egis Incorporated)
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (UBHelper [Boot | Running]) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vfs101x [On_Demand | Running]) -- C:\Windows\System32\drivers\vfs101x.sys (Validity Sensors, Inc.)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796} [Auto | Running]) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)

[color=\"#E56717\"]========== Standard Registry (All) ==========[/color]

[color=\"#E56717\"]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BkupTray] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZPdtWzdVitaKey MC3000] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe (Arachnoid Biometrics Identification Group Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskmgr = 0
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{df2fde43-6692-11de-b18b-00a0d1aa709f}\Shell - "" = AutoRun
O33 - MountPoints2\{df2fde43-6692-11de-b18b-00a0d1aa709f}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e52e6bb4-6632-11de-94ea-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e52e6bb4-6632-11de-94ea-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\AutorunX\AutorunX.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

[color=\"#E56717\"]========== Files/Folders - Created Within 30 Days ==========[/color]

[2009/07/03 12:51:23 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\Nektarios\Desktop\OTL.exe
[2009/07/03 02:00:21 | 00,186,880 | ---- | C] (CEXX.ORG) -- C:\Users\Nektarios\Desktop\LSPFix.exe
[2009/07/02 17:42:38 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/07/02 17:26:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/07/02 17:26:44 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/07/02 17:25:40 | 00,173,119 | ---- | C] (Eric_71) -- C:\Users\Nektarios\Desktop\Rooter.exe
[2009/07/02 17:06:53 | 05,034,888 | ---- | C] () -- C:\Users\Nektarios\Desktop\spybotsd_includes.exe
[2009/07/02 16:24:34 | 16,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Nektarios\Desktop\spybotsd162.exe
[2009/07/02 04:13:28 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\Desktop\Powder.Blue.2009.BDRip.XviD-FRAGMENT
[2009/07/02 03:56:06 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Roaming\Media Player Classic
[2009/07/02 03:56:02 | 00,019,968 | ---- | C] () -- C:\Users\Nektarios\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/02 03:36:45 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009/07/02 03:36:45 | 00,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2009/07/02 03:36:45 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2009/07/02 03:36:45 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2009/07/02 03:36:44 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2009/07/02 03:36:44 | 00,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/07/02 03:36:44 | 00,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2009/07/02 03:36:44 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/07/02 03:36:43 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009/07/02 03:36:43 | 00,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/07/02 03:36:43 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2009/07/02 03:36:43 | 00,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/07/02 03:36:43 | 00,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2009/07/02 03:36:43 | 00,090,112 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll
[2009/07/02 03:36:42 | 00,685,056 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx.dll
[2009/07/02 03:36:42 | 00,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadGC2.dll
[2009/07/02 03:36:42 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009/07/02 03:36:41 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/07/02 03:36:40 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2009/07/02 03:27:37 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Roaming\Adobe
[2009/07/02 00:32:08 | 00,000,000 | ---D | C] -- C:\Windows\Panther
[2009/07/02 00:31:55 | 00,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2009/07/02 00:31:54 | 00,333,203 | RHS- | C] () -- C:\bootmgr
[2009/07/02 00:31:54 | 00,000,000 | -HSD | C] -- C:\Boot
[2009/07/01 19:47:04 | 00,000,000 | ---- | C] () -- C:\Users\Nektarios\Desktop\settings.dat
[2009/07/01 19:46:46 | 00,458,240 | ---- | C] ( ) -- C:\Users\Nektarios\Desktop\RootRepeal.exe
[2009/07/01 18:37:59 | 00,001,874 | ---- | C] () -- C:\Users\Nektarios\Desktop\HijackThis.lnk
[2009/07/01 18:37:59 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/07/01 18:11:26 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Nektarios\Desktop\HJTInstall.exe
[2009/07/01 18:11:10 | 00,286,208 | ---- | C] () -- C:\Users\Nektarios\Desktop\sj1dhx90.exe
[2009/07/01 17:05:34 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2009/07/01 16:42:19 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Roaming\Malwarebytes
[2009/07/01 16:42:16 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/07/01 16:42:15 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/07/01 16:42:15 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/07/01 16:42:15 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/01 16:11:37 | 00,054,784 | ---- | C] (ITE Tech. Inc. ) -- C:\Windows\System32\drivers\itecir.sys
[2009/07/01 16:11:37 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CIRCoInst.dll
[2009/07/01 15:59:20 | 00,000,000 | ---D | C] -- C:\Windows\BUVC_AP
[2009/07/01 15:55:08 | 00,028,219 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/07/01 15:55:06 | 00,028,219 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/01 15:54:06 | 00,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2009/07/01 15:47:57 | 00,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
[2009/07/01 15:47:49 | 00,000,000 | ---D | C] -- C:\Intel
[2009/07/01 15:47:48 | 00,324,120 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStor.sys
[2009/07/01 15:47:25 | 00,000,553 | R--- | C] () -- C:\Windows\USetup.iss
[2009/07/01 15:47:00 | 00,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2009/07/01 15:46:43 | 00,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2009/07/01 15:46:42 | 00,001,694 | R--- | C] () -- C:\Windows\RtDefLvl.ini
[2009/07/01 15:46:42 | 00,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009/07/01 15:46:42 | 00,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009/07/01 15:46:42 | 00,000,008 | R--- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009/07/01 15:46:41 | 01,826,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SkyTel.exe
[2009/07/01 15:46:41 | 01,777,664 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2009/07/01 15:46:41 | 01,196,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2009/07/01 15:46:41 | 00,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2009/07/01 15:46:41 | 00,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2009/07/01 15:46:41 | 00,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2009/07/01 15:46:41 | 00,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2009/07/01 15:46:41 | 00,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2009/07/01 15:46:40 | 02,172,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2009/07/01 15:46:40 | 02,134,424 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2009/07/01 15:46:40 | 00,694,784 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2009/07/01 15:46:40 | 00,285,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2009/07/01 15:46:40 | 00,031,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2009/07/01 15:46:39 | 06,139,904 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2009/07/01 15:46:38 | 01,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2009/07/01 15:46:38 | 00,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2009/07/01 15:46:38 | 00,143,360 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll
[2009/07/01 15:46:38 | 00,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2009/07/01 15:46:38 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek
[2009/07/01 15:46:35 | 00,520,192 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2009/07/01 15:46:35 | 00,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2009/07/01 15:45:57 | 01,079,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll
[2009/07/01 15:45:57 | 00,768,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcplui.exe
[2009/07/01 15:45:57 | 00,420,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.cpl
[2009/07/01 15:45:57 | 00,313,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2009/07/01 15:45:31 | 00,453,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe
[2009/07/01 15:45:31 | 00,008,664 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu
[2009/07/01 15:44:23 | 00,453,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2009/07/01 15:43:36 | 00,054,824 | ---- | C] (Agere Systems) -- C:\Windows\System32\agrsmdel.exe
[2009/07/01 15:43:14 | 01,202,560 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\AGRSM.sys
[2009/07/01 15:43:14 | 00,054,824 | ---- | C] (Agere Systems) -- C:\Windows\agrsmdel.exe
[2009/07/01 15:43:14 | 00,013,312 | ---- | C] (Agere Systems) -- C:\Windows\System32\agrscoin.dll
[2009/07/01 15:43:14 | 00,012,800 | ---- | C] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
[2009/07/01 15:43:09 | 00,000,000 | ---D | C] -- C:\Windows\Options
[2009/07/01 15:42:29 | 00,047,104 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\L1E60x86.sys
[2009/07/01 15:42:25 | 00,000,000 | ---D | C] -- C:\Windows\System32\Atheros_L1e
[2009/07/01 15:41:54 | 00,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2009/07/01 15:41:32 | 00,000,000 | ---D | C] -- C:\Program Files\Cisco
[2009/07/01 15:41:30 | 00,000,000 | ---D | C] -- C:\ProgramData\Intel
[2009/07/01 15:41:30 | 00,000,000 | ---D | C] -- C:\Program Files\Intel
[2009/07/01 15:41:30 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2009/07/01 15:40:58 | 03,658,752 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw5v32.sys
[2009/07/01 15:40:58 | 02,756,608 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw5r32.dll
[2009/07/01 15:40:58 | 00,659,456 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw5c32.dll
[2009/07/01 15:40:25 | 00,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2009/07/01 15:40:25 | 00,114,688 | ---- | C] (Arachnoid Biometrics Identification Group Corp.) -- C:\Windows\System32\VCryptAPI.dll
[2009/07/01 15:40:25 | 00,023,040 | ---- | C] (Arachnoid Biometrics Identification Group Corp.) -- C:\Windows\System32\ShlCmd.exe
[2009/07/01 15:40:24 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biologon.dll
[2009/07/01 15:40:21 | 00,331,776 | ---- | C] (Alfa Corporation) -- C:\Windows\System32\DrvCrypt.dll
[2009/07/01 15:40:21 | 00,043,184 | ---- | C] (Alfa Corporation) -- C:\Windows\System32\drivers\AlfaFF.sys
[2009/07/01 15:40:21 | 00,016,384 | ---- | C] (Alfa Corporation) -- C:\Windows\System32\AlfaFF.dll
[2009/07/01 15:40:18 | 00,192,512 | ---- | C] (Arachnoid Biometric Identification Group.) -- C:\Windows\System32\BioOne.dll
[2009/07/01 15:40:18 | 00,189,952 | ---- | C] (AuthenTec, Inc.) -- C:\Windows\System32\PBAGUI.dll
[2009/07/01 15:39:22 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Roaming\Validity
[2009/07/01 15:38:50 | 00,000,000 | ---D | C] -- C:\Program Files\Validity Sensors, Inc
[2009/07/01 15:38:25 | 00,000,125 | ---- | C] () -- C:\Windows\xUninstall.bat
[2009/07/01 15:38:08 | 00,015,086 | R--- | C] () -- C:\Windows\System32\jmcr_xd.ico
[2009/07/01 15:38:08 | 00,015,086 | R--- | C] () -- C:\Windows\System32\jmcr_ms.ico
[2009/07/01 15:38:08 | 00,015,086 | R--- | C] () -- C:\Windows\System32\jmcr_mmc.ico
[2009/07/01 15:38:08 | 00,000,000 | ---D | C] -- C:\Windows\JMCR_DIR
[2009/07/01 15:38:00 | 00,000,209 | ---- | C] () -- C:\Windows\Setuplog.ini
[2009/07/01 15:36:05 | 00,081,200 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwavdt.sys
[2009/07/01 15:36:04 | 00,079,664 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwaudio.sys
[2009/07/01 15:36:04 | 00,016,432 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\drivers\btwrchid.sys
[2009/07/01 15:35:58 | 00,233,472 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\BtwRSupport.dll
[2009/07/01 15:35:47 | 00,000,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2009/07/01 15:35:45 | 00,000,000 | ---D | C] -- C:\Windows\System32\es-MX
[2009/07/01 15:35:45 | 00,000,000 | ---D | C] -- C:\Windows\System32\es-AR
[2009/07/01 15:35:43 | 00,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2009/07/01 15:35:09 | 00,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/07/01 15:33:34 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2009/07/01 15:33:26 | 00,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2009/07/01 15:33:12 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009/07/01 15:33:12 | 00,196,784 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys
[2009/07/01 15:33:12 | 00,196,608 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCtrl.dll
[2009/07/01 15:33:12 | 00,163,840 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCOM.dll
[2009/07/01 15:33:12 | 00,147,456 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynTPAPI.dll
[2009/07/01 15:33:12 | 00,110,592 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynTPCo4.dll
[2009/07/01 15:32:50 | 00,009,216 | ---- | C] () -- C:\Windows\usbvideo_reg.exe
[2009/07/01 15:32:50 | 00,004,838 | ---- | C] () -- C:\Windows\Suyin.reg
[2009/07/01 15:32:49 | 00,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009/07/01 15:32:49 | 00,352,256 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.EXE
[2009/07/01 15:32:49 | 00,222,382 | ---- | C] () -- C:\Windows\Acer Crystal Eye webcam.ico
[2009/07/01 15:32:49 | 00,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009/07/01 15:32:49 | 00,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009/07/01 15:32:41 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Roaming\InstallShield
[2009/07/01 15:31:10 | 00,000,000 | ---D | C] -- C:\Windows\Driver Cache
[2009/07/01 15:31:09 | 00,000,000 | ---D | C] -- C:\Program Files\AVerMedia
[2009/07/01 15:30:35 | 00,000,083 | ---- | C] () -- C:\Windows\LManager.UNI
[2009/07/01 15:30:32 | 00,000,000 | ---D | C] -- C:\Program Files\Launch Manager
[2009/07/01 15:30:24 | 00,000,000 | ---- | C] () -- C:\Windows\Setup.INI
[2009/07/01 15:30:23 | 00,000,092 | ---- | C] () -- C:\Windows\GridV.UNI
[2009/07/01 15:30:20 | 00,000,000 | ---D | C] -- C:\Program Files\Acer Inc
[2009/07/01 15:28:55 | 00,204,800 | ---- | C] (Acer Inc.) -- C:\Windows\System32\SysHook.dll
[2009/07/01 15:28:55 | 00,061,440 | ---- | C] (Acer Inc.) -- C:\Windows\System32\MCEPlugin.dll
[2009/07/01 15:27:48 | 00,238,080 | ---- | C] (TODO: <Company name>) -- C:\Windows\System32\ITEIO_64.dll
[2009/07/01 15:27:48 | 00,014,544 | ---- | C] (EnTech Taiwan) -- C:\Windows\System32\drivers\TVicPort.sys
[2009/07/01 15:27:48 | 00,006,080 | ---- | C] (Zeal SoftStudio) -- C:\Windows\System32\drivers\zntport.sys
[2009/07/01 15:25:03 | 00,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009/07/01 15:24:55 | 00,017,952 | ---- | C] (Acer, Inc.) -- C:\Windows\System32\drivers\int15_64.sys
[2009/07/01 15:24:55 | 00,001,739 | ---- | C] () -- C:\Users\Public\Desktop\Empowering Technology.lnk
[2009/07/01 15:22:50 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2009/07/01 15:22:50 | 00,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2009/07/01 15:22:45 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Local\Downloaded Installations
[2009/07/01 15:22:21 | 00,014,848 | R--- | C] (NewTech Infosystems, Inc.) -- C:\Windows\System32\drivers\NTIDrvr.sys
[2009/07/01 15:22:18 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2009/07/01 15:22:16 | 00,013,824 | R--- | C] (NewTech Infosystems Corporation) -- C:\Windows\System32\drivers\UBHelper.sys
[2009/07/01 15:22:13 | 00,002,142 | ---- | C] () -- C:\Users\Public\Desktop\NTI Media Maker 8.lnk
[2009/07/01 15:21:28 | 00,000,000 | ---D | C] -- C:\Program Files\NewTech Infosystems
[2009/07/01 15:19:34 | 00,001,024 | RH-- | C] () -- C:\Users\Public\Documents\NTIMPEG2.dll
[2009/07/01 15:19:34 | 00,001,024 | RH-- | C] () -- C:\Users\Public\Documents\NTIMP3.dll
[2009/07/01 15:18:59 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Local\Adobe
[2009/07/01 15:18:48 | 00,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2009/07/01 15:18:46 | 00,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2009/07/01 15:18:43 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2009/07/01 15:18:43 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/07/01 15:17:17 | 00,001,900 | ---- | C] () -- C:\Users\Public\Desktop\Orion.lnk
[2009/07/01 15:17:14 | 00,000,000 | ---D | C] -- C:\Program Files\Convesoft
[2009/07/01 15:16:15 | 00,000,000 | ---D | C] -- C:\ProgramData\eSobi
[2009/07/01 15:16:11 | 00,001,948 | ---- | C] () -- C:\Users\Public\Desktop\eSobi v2.lnk
[2009/07/01 15:16:07 | 00,000,000 | ---D | C] -- C:\Program Files\eSobi
[2009/07/01 15:15:18 | 01,233,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4.dll
[2009/07/01 15:15:18 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4r.dll
[2009/07/01 15:15:18 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2009/07/01 15:14:29 | 00,002,065 | ---- | C] () -- C:\Users\Public\Desktop\Acer Arcade Deluxe.lnk
[2009/07/01 15:14:29 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Local\PowerCinema
[2009/07/01 15:14:26 | 00,000,000 | ---D | C] -- C:\Program Files\Cyberlink
[2009/07/01 15:12:48 | 00,000,000 | ---D | C] -- C:\Program Files\Acer Arcade Deluxe
[2009/07/01 15:12:46 | 00,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2009/07/01 15:12:30 | 00,000,000 | ---D | C] -- C:\ProgramData\Temp
[2009/07/01 15:12:10 | 00,000,000 | -HSD | C] -- C:\Windows\Installer
[2009/07/01 15:11:48 | 00,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2009/07/01 15:11:23 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Roaming\Acer
[2009/07/01 15:11:18 | 00,000,671 | ---- | C] () -- C:\Users\Public\Desktop\Acer VCM.lnk
[2009/07/01 15:11:18 | 00,000,627 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
[2009/07/01 15:11:18 | 00,000,000 | ---D | C] -- C:\Program Files\Acer
[2009/07/01 15:10:46 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/07/01 15:10:46 | 00,000,000 | ---D | C] -- C:\Acer
[2009/07/01 15:10:29 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2009/07/01 14:44:51 | 01,827,707 | -H-- | C] () -- C:\Users\Nektarios\AppData\Local\IconCache.db
[2009/07/01 14:43:33 | 00,048,600 | ---- | C] () -- C:\Users\Nektarios\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/07/01 14:43:19 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Roaming\Identities
[2009/07/01 14:43:17 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Local\VirtualStore
[2009/07/01 14:43:14 | 00,007,592 | ---- | C] () -- C:\Users\Nektarios\AppData\Local\d3d9caps.dat
[2009/07/01 14:43:13 | 00,000,000 | --SD | C] -- C:\Users\Nektarios\AppData\Roaming\Microsoft
[2009/07/01 14:43:13 | 00,000,000 | -HSD | C] -- C:\Users\Nektarios\Documents\My Videos
[2009/07/01 14:43:13 | 00,000,000 | -HSD | C] -- C:\Users\Nektarios\Documents\My Pictures
[2009/07/01 14:43:13 | 00,000,000 | -HSD | C] -- C:\Users\Nektarios\Documents\My Music
[2009/07/01 14:43:13 | 00,000,000 | -HSD | C] -- C:\Users\Nektarios\AppData\Local\Temporary Internet Files
[2009/07/01 14:43:13 | 00,000,000 | -HSD | C] -- C:\Users\Nektarios\AppData\Local\History
[2009/07/01 14:43:13 | 00,000,000 | -HSD | C] -- C:\Users\Nektarios\AppData\Local\Application Data
[2009/07/01 14:43:13 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Roaming\Media Center Programs
[2009/07/01 14:43:13 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Local\Temp
[2009/07/01 14:43:13 | 00,000,000 | ---D | C] -- C:\Users\Nektarios\AppData\Local\Microsoft
[2009/07/01 13:40:35 | 00,000,000 | ---D | C] -- C:\Windows\Debug
[2009/07/01 13:39:18 | 32,180,46976 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/01 13:36:38 | 00,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2009/07/01 13:34:50 | 00,000,000 | ---D | C] -- C:\Windows\CSC
[2009/07/01 13:32:57 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2008/

guestolo · « **Reply #3 on:** July 03, 2009, 09:07:54 AM »

Which drive is represented by drive letter E?
It may have infected files on it that reinfect this machine

Can you transfer the next tool to desktop
Download ComboFix from one of these locations:

[color=\"#0000FF\"]Link 1[/color]
[color=\"#0000FF\"]Link 2[/color]
[color=\"#FF0000\"]Save it ONLY to your Desktop[/color]

[color=\"#2E8B57\"]Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool
[/color]

Double click on ComboFix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply

NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please

nerwnas · « **Reply #4 on:** July 03, 2009, 10:21:09 AM »

[quote name=\'guestolo\' post=\'463820\' date=\'Jul 3 2009, 04:07 PM\']Which drive is represented by drive letter E?
It may have infected files on it that reinfect this machine

Can you transfer the next tool to desktop
Download ComboFix from one of these locations:

[color=\"#0000ff\"]Link 1[/color]
[color=\"#0000ff\"]Link 2[/color]
[color=\"#ff0000\"]Save it ONLY to your Desktop[/color]

[color=\"#2e8b57\"]Temporarily Disable your AntiVirus/AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with this tool
[/color]

Double click on ComboFix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply

NOTE: Do not mouseclick inside ComboFix window as it's running, it may cause it to stall
ComboFix will/may run again on startup, it will prompt that it's creating a log
This process could take up to 10 minutes, let it run uninterrupted please[/quote]

Drive E is the dvd rom.So i don't know if it is involved in some way with the problem...

Here is the Combofix log:

ComboFix 09-06-26.02 - Nektarios 03/07/2009 17:08.1 - NTFSx86
MicrosoftÂ® Windows Vistaâ„¢ Ultimate 6.0.6001.1.1253.30.1033.18.3068.2175 [GMT 2:00]
Running from: c:\users\Nektarios\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-06-03 to 2009-07-03 )))))))))))))))))))))))))))))))
.

2009-07-02 15:42 . 2009-07-02 15:43 -------- d-----w- C:\Rooter$
2009-07-02 15:26 . 2009-07-02 15:27 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-07-02 15:26 . 2009-07-02 15:26 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-02 01:56 . 2009-07-02 01:56 -------- d-----w- c:\users\Nektarios\AppData\Roaming\Media Player Classic
2009-07-01 22:32 . 2009-07-01 11:38 -------- d-----w- c:\windows\Panther
2009-07-01 22:31 . 2009-07-03 15:11 -------- d-sh--w- C:\Boot
2009-07-01 16:37 . 2009-07-01 16:37 -------- d-----w- c:\program files\Trend Micro
2009-07-01 14:42 . 2009-07-01 14:42 -------- d-----w- c:\users\Nektarios\AppData\Roaming\Malwarebytes
2009-07-01 14:42 . 2009-06-17 09:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-01 14:42 . 2009-07-01 14:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-01 14:42 . 2009-07-01 14:42 -------- d-----w- c:\programdata\Malwarebytes
2009-07-01 14:42 . 2009-06-17 09:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-01 14:11 . 2007-12-18 09:12 54784 ----a-w- c:\windows\system32\drivers\itecir.sys
2009-07-01 14:11 . 2006-10-04 21:46 7680 ----a-w- c:\windows\system32\CIRCoInst.dll
2009-07-01 13:59 . 2009-07-01 13:59 -------- d-----w- c:\windows\BUVC_AP
2009-07-01 13:54 . 2009-07-01 13:54 -------- d-----w- c:\programdata\NVIDIA
2009-07-01 13:47 . 2006-11-10 07:25 319456 ----a-w- c:\windows\system32\difxapi.dll
2009-07-01 13:47 . 2009-07-01 13:47 -------- d-----w- C:\Intel
2009-07-01 13:47 . 2008-07-20 15:44 324120 ----a-w- c:\windows\system32\drivers\iaStor.sys
2009-07-01 13:47 . 2009-07-01 13:47 -------- d-----w- c:\windows\system32\RTCOM
2009-07-01 13:45 . 2008-08-01 13:11 768544 ----a-w- c:\windows\system32\nvcplui.exe
2009-07-01 13:45 . 2008-08-01 13:11 313888 ----a-w- c:\windows\system32\nvexpbar.dll
2009-07-01 13:45 . 2008-08-01 13:11 1079840 ----a-w- c:\windows\system32\nvcpluir.dll
2009-07-01 13:45 . 2008-08-01 13:11 453152 ----a-w- c:\windows\system32\nvudisp.exe
2009-07-01 13:44 . 2008-08-06 05:51 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-07-01 13:43 . 2008-03-07 04:11 54824 ------w- c:\windows\system32\agrsmdel.exe
2009-07-01 13:43 . 2008-03-07 04:11 54824 ----a-w- c:\windows\agrsmdel.exe
2009-07-01 13:43 . 2008-02-29 07:13 1202560 ----a-w- c:\windows\system32\drivers\AGRSM.sys
2009-07-01 13:43 . 2007-12-11 03:40 13312 ------w- c:\windows\system32\agrscoin.dll
2009-07-01 13:43 . 2007-12-11 03:15 12800 ----a-w- c:\windows\system32\agrsmsvc.exe
2009-07-01 13:43 . 2009-07-01 13:43 -------- d-----w- c:\windows\Options
2009-07-01 13:42 . 2008-05-19 16:23 47104 ----a-w- c:\windows\system32\drivers\L1E60x86.sys
2009-07-01 13:42 . 2009-07-01 14:18 -------- d-----w- c:\windows\system32\Atheros_L1e
2009-07-01 13:41 . 2009-07-01 13:41 -------- d-----w- c:\users\Public\Roaming
2009-07-01 13:41 . 2009-07-01 13:41 -------- d-----w- c:\users\Nektarios\Roaming
2009-07-01 13:41 . 2009-07-01 13:41 -------- d-----w- c:\users\Default\Roaming
2009-07-01 13:41 . 2009-07-01 13:41 -------- d-----w- c:\programdata\Roaming
2009-07-01 13:41 . 2009-07-01 13:41 -------- d-----w- c:\program files\Cisco
2009-07-01 13:41 . 2009-07-01 13:49 -------- d-----w- c:\program files\Intel
2009-07-01 13:41 . 2009-07-01 13:41 -------- d-----w- c:\programdata\Intel
2009-07-01 13:41 . 2009-07-01 13:41 -------- d-----w- c:\program files\Common Files\Intel
2009-07-01 13:40 . 2008-04-27 22:29 3658752 ----a-w- c:\windows\system32\drivers\NETw5v32.sys
2009-07-01 13:40 . 2008-04-18 08:09 2756608 ----a-w- c:\windows\system32\NETw5r32.dll
2009-07-01 13:40 . 2008-04-18 08:08 659456 ----a-w- c:\windows\system32\NETw5c32.dll
2009-07-01 13:40 . 2009-07-01 13:40 23040 ----a-w- c:\windows\system32\ShlCmd.exe
2009-07-01 13:40 . 2009-07-01 13:40 118784 ----a-w- c:\windows\system32\VMC3KAPI.dll
2009-07-01 13:40 . 2009-07-01 13:40 114688 ----a-w- c:\windows\system32\VCryptAPI.dll
2009-07-01 13:40 . 2009-07-01 13:40 5632 ----a-w- c:\windows\system32\biologon.dll
2009-07-01 13:40 . 2009-07-01 13:40 43184 ----a-w- c:\windows\system32\drivers\AlfaFF.sys
2009-07-01 13:40 . 2009-07-01 13:40 331776 ----a-w- c:\windows\system32\DrvCrypt.dll
2009-07-01 13:40 . 2009-07-01 13:40 16384 ----a-w- c:\windows\system32\AlfaFF.dll
2009-07-01 13:40 . 2009-07-01 13:40 192512 ----a-w- c:\windows\system32\BioOne.dll
2009-07-01 13:40 . 2009-07-01 13:40 189952 ----a-w- c:\windows\system32\PBAGUI.dll
2009-07-01 13:39 . 2009-07-01 13:39 -------- d-----w- c:\users\Nektarios\AppData\Roaming\Validity
2009-07-01 13:38 . 2009-07-01 13:38 -------- d-----w- c:\program files\Validity Sensors, Inc
2009-07-01 13:38 . 2009-07-01 14:00 125 ----a-w- c:\windows\xUninstall.bat
2009-07-01 13:38 . 2009-07-01 14:00 -------- d-----w- c:\windows\JMCR_DIR
2009-07-01 13:36 . 2007-02-27 06:20 81200 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2009-07-01 13:36 . 2007-03-29 19:46 79664 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2009-07-01 13:36 . 2007-02-27 06:20 16432 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2009-07-01 13:35 . 2007-04-26 02:20 233472 ----a-w- c:\windows\system32\BtwRSupport.dll
2009-07-01 13:35 . 2009-07-01 13:35 -------- d-----w- c:\windows\system32\es-MX
2009-07-01 13:35 . 2009-07-01 13:35 -------- d-----w- c:\windows\system32\es-AR
2009-07-01 13:35 . 2009-07-01 13:35 -------- d-----w- c:\program files\WIDCOMM
2009-07-01 13:35 . 2009-07-03 15:11 12 ----a-w- c:\windows\bthservsdp.dat
2009-07-01 13:33 . 2009-07-01 13:33 -------- d-----w- c:\program files\Synaptics
2009-07-01 13:33 . 2008-04-04 09:26 196784 ----a-w- c:\windows\system32\drivers\SynTP.sys
2009-07-01 13:33 . 2008-04-04 09:26 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2009-07-01 13:33 . 2008-04-04 08:58 147456 ----a-w- c:\windows\system32\SynTPAPI.dll
2009-07-01 13:33 . 2008-04-04 08:46 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2009-07-01 13:33 . 2008-04-04 08:45 163840 ----a-w- c:\windows\system32\SynCOM.dll
2009-07-01 13:33 . 2006-03-09 01:58 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll
2009-07-01 13:32 . 2008-04-22 11:21 9216 ----a-w- c:\windows\usbvideo_reg.exe
2009-07-01 13:32 . 2008-02-25 09:13 4838 ----a-w- c:\windows\Suyin.reg
2009-07-01 13:32 . 2008-06-30 15:56 200704 ----a-w- c:\windows\PLFSetI.exe
2009-07-01 13:32 . 2008-06-23 09:47 352256 ----a-w- c:\windows\Acer Crystal Eye webcam.EXE
2009-07-01 13:32 . 2007-03-29 14:48 626688 ----a-w- c:\windows\Image.dll
2009-07-01 13:32 . 2009-07-01 13:32 -------- d-----w- c:\users\Nektarios\AppData\Roaming\InstallShield
2009-07-01 13:31 . 2009-07-01 14:07 -------- d-----w- c:\windows\Driver Cache
2009-07-01 13:31 . 2009-07-01 13:31 -------- d-----w- c:\program files\AVerMedia
2009-07-01 13:30 . 2009-07-01 13:30 -------- d-----w- c:\program files\Launch Manager
2009-07-01 13:30 . 2009-07-01 13:30 -------- d-----w- c:\program files\Acer Inc
2009-07-01 13:28 . 2008-08-01 07:51 61440 ----a-w- c:\windows\system32\MCEPlugin.dll
2009-07-01 13:28 . 2008-08-01 07:51 204800 ----a-w- c:\windows\system32\SysHook.dll
2009-07-01 13:27 . 2008-02-25 14:29 6080 ----a-w- c:\windows\system32\drivers\zntport.sys
2009-07-01 13:27 . 2008-02-25 14:29 14544 ----a-w- c:\windows\system32\drivers\TVicPort.sys
2009-07-01 13:27 . 2008-02-25 14:28 238080 ----a-w- c:\windows\system32\ITEIO_64.dll
2009-07-01 13:25 . 2008-06-02 07:25 487424 ----a-w- c:\windows\system32\INT15.dll
2009-07-01 13:24 . 2008-06-02 07:20 17952 ----a-w- c:\windows\system32\drivers\int15_64.sys
2009-07-01 13:22 . 2009-07-01 13:22 1024 ---h--r- c:\windows\system32\NTIOFM4.dll
2009-07-01 13:22 . 2009-07-01 13:22 1024 ---h--r- c:\windows\system32\NTIBUN5.dll
2009-07-01 13:22 . 2009-07-01 13:26 -------- d-----w- c:\users\Nektarios\AppData\Local\Downloaded Installations
2009-07-01 13:22 . 2008-01-30 09:52 14848 ----a-r- c:\windows\system32\drivers\NTIDrvr.sys
2009-07-01 13:22 . 2009-07-01 13:22 -------- d-----w- c:\program files\Common Files\LightScribe
2009-07-01 13:22 . 2008-01-30 09:51 13824 ------r- c:\windows\system32\drivers\UBHelper.sys
2009-07-01 13:21 . 2009-07-01 13:23 -------- d-----w- c:\program files\NewTech Infosystems
2009-07-01 13:18 . 2009-07-01 13:18 -------- d-----w- c:\users\Nektarios\AppData\Local\Adobe
2009-07-01 13:18 . 2009-07-01 13:18 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-01 13:17 . 2009-07-01 13:17 -------- d-----w- c:\program files\Convesoft
2009-07-01 13:16 . 2009-07-01 13:16 -------- d-----w- c:\programdata\eSobi
2009-07-01 13:16 . 2009-07-01 13:16 -------- d-----w- c:\program files\eSobi
2009-07-01 13:15 . 2008-01-16 16:35 82432 ----a-w- c:\windows\system32\msxml4r.dll
2009-07-01 13:15 . 2008-01-16 16:35 44544 ----a-w- c:\windows\system32\msxml4a.dll
2009-07-01 13:15 . 2008-01-16 16:35 1233920 ----a-w- c:\windows\system32\msxml4.dll
2009-07-01 13:14 . 2009-07-01 13:14 -------- d-----w- c:\users\Nektarios\AppData\Local\PowerCinema
2009-07-01 12:43 . 2009-07-01 12:43 48600 ----a-w- c:\users\Nektarios\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-01 11:40 . 2009-07-01 14:29 -------- d-----w- c:\windows\Debug

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-03 14:57 . 2009-07-01 13:55 28219 ----a-w- c:\programdata\nvModes.dat
2009-07-02 23:00 . 2009-07-01 12:43 7592 ----a-w- c:\users\Nektarios\AppData\Local\d3d9caps.dat
2009-07-02 01:36 . 2009-07-02 01:36 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-07-01 15:05 . 2009-07-01 15:05 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-07-01 13:59 . 2009-07-01 13:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-01 13:46 . 2009-07-01 13:46 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-07-01 13:46 . 2009-07-01 13:46 -------- d-----w- c:\program files\Realtek
2009-07-01 13:46 . 2009-07-01 13:46 315392 ----a-w- c:\windows\HideWin.exe
2009-07-01 13:40 . 2009-07-01 13:11 -------- d-----w- c:\program files\Acer
2009-07-01 13:33 . 2009-07-01 13:33 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2009-07-01 13:15 . 2009-07-01 13:12 -------- d-----w- c:\program files\Acer Arcade Deluxe
2009-07-01 13:14 . 2009-07-01 13:10 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-01 13:14 . 2009-07-01 13:12 -------- d-----w- c:\programdata\CyberLink
2009-07-01 13:14 . 2009-07-01 13:14 -------- d-----w- c:\program files\Cyberlink
2009-07-01 13:12 . 2009-07-01 13:13 36864 ----a-w- c:\programdata\Temp\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\PostBuild.exe
2009-07-01 13:12 . 2009-07-01 13:12 53319 ----a-w- c:\programdata\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe
2009-07-01 13:11 . 2009-07-01 13:11 -------- d-----w- c:\users\Nektarios\AppData\Roaming\Acer
2009-06-02 16:11 . 2009-07-02 01:36 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-29 21:37 . 2009-07-02 01:36 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-05-29 21:31 . 2009-07-02 01:36 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-05-01 21:02 . 2009-07-02 01:36 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-07-02 01:36 685056 ----a-w- c:\windows\system32\divx.dll
2008-04-09 23:35 . 2008-04-09 23:35 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 15:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-07-24 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-07-24 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-07-18 167936]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-05-30 544768]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-06-16 809480]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-06-30 200704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-04 1037608]
"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-07-01 3719680]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-01 13548064]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-01 92704]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-05-07 6139904]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-7-1 1216512]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-24 723760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2009-07-01 13:40 3162624 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{16A1A73B-8847-4E9C-912F-809E62A0FDD6}"= c:\program files\Acer\Acer VCM\VC.exe:Acer VCM
"{20902C93-F50B-44F0-98EE-20DBADBC7F8D}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{6AE05148-C1AB-462A-B89E-CA6ECAE83D4D}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie
"{7BAE9196-DF78-4C3B-B66C-6D730078F560}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program
"{832F4903-41A8-4897-B3D2-F33B63F37E98}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia
"{5EC89EE1-DA71-428D-90CC-16AE16E7C43E}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{30391DA6-DE30-4315-8D08-5EF4E478B91C}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{140AD626-A618-4A2C-9575-30640E629C25}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{6EB12095-A154-4233-B117-FD1D823E9183}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{8F0DD72F-DBDE-4D3C-9CBE-2E07C76B98D5}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{75C4C250-ACEC-48C1-AF27-20E59DC5BFE8}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\System32\drivers\AlfaFF.sys [1/7/2009 3:40 Î¼Î¼ 43184]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [1/7/2009 3:14 Î¼Î¼ 61424]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3/3/2008 1:11 Î¼Î¼ 16384]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [1/7/2009 3:15 Î¼Î¼ 81504]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [1/7/2009 3:24 Î¼Î¼ 24576]
R2 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [1/7/2009 3:40 Î¼Î¼ 3520512]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [25/4/2008 9:36 Î¼Î¼ 45056]
R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [1/7/2009 3:15 Î¼Î¼ 122368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [25/4/2008 9:36 Î¼Î¼ 131072]
R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [1/7/2009 3:11 Î¼Î¼ 233472]
R2 vfsFPService;Validity Fingerprint Service;c:\windows\System32\vfsFPService.exe [26/5/2008 5:43 Ï€Î¼ 599344]
R3 itecir;ITECIR Infrared Receiver;c:\windows\System32\drivers\itecir.sys [1/7/2009 4:11 Î¼Î¼ 54784]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\System32\drivers\L1E60x86.sys [1/7/2009 3:42 Î¼Î¼ 47104]
R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\System32\drivers\NETw5v32.sys [1/7/2009 3:40 Î¼Î¼ 3658752]
R3 vfs101x;vfs101x;c:\windows\System32\drivers\vfs101x.sys [26/5/2008 5:44 Ï€Î¼ 40752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
.
------- Supplementary Scan -------
.
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-03 17:13
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(1156)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\system32\btmmhook.dll
c:\windows\System32\SysHook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\agrsmsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\windows\System32\rundll32.exe
c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\windows\System32\WUDFHost.exe
c:\windows\System32\conime.exe
c:\program files\Launch Manager\LManager.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\Acer\Acer VCM\acp2HID.exe
c:\users\NEKTAR~1\AppData\Local\Temp\RtkBtMnt.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
.
**************************************************************************
.
Completion time: 2009-07-03 17:14 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-03 15:14

Pre-Run: 136.040.558.592 bytes free
Post-Run: 135.913.099.264 bytes free

276

guestolo · « **Reply #5 on:** July 04, 2009, 08:27:50 AM »

If you go into Device Manager, do you see any problems?

Can you try Safe mode with Networking, can you connect?
Did you have any trial Security software installed, such as Norton's or McAfee's?

Can you connect Wirelessly? Did you install the driver for the wireless device?

nerwnas · « **Reply #6 on:** July 04, 2009, 11:52:43 AM »

[quote name=\'guestolo\' post=\'463829\' date=\'Jul 4 2009, 03:27 PM\']If you go into Device Manager, do you see any problems?

Can you try Safe mode with Networking, can you connect?
Did you have any trial Security software installed, such as Norton's or McAfee's?

Can you connect Wirelessly? Did you install the driver for the wireless device?[/quote]

The device manager shows that every device is working properly.
When i go to safe mode with networking,the problem persists as usual...
I had McAfee installed every time i did the reset to factory conditions through Acer eRecovery.After the last format that i installed a new version of Vista Ultimate,i didn't install any firewall.

I installed every driver for every device while i can't test my wireless networking since i don't have any disposable networks near....

TheTechGuide Forum

News:

Author Topic: Internet problem (Read 1386 times)

nerwnas

Internet problem

guestolo

Internet problem

nerwnas

Internet problem

guestolo

Internet problem

nerwnas

Internet problem

guestolo

Internet problem

nerwnas

Internet problem