Not too sure what is slowing me down, but something is.

4Nmissile · March 2009

My computer has been throwing up quite a few "Internet Explorer has encountered a problem and needs to close" windows lately. A lot more than is usual. I'm unsure as to why though as I have not gotten any viruses as far as I know and the computer is running as normal everywhere else. The only other thing that has been a little slow has been the Windows Media Player. It has been freezing up everytime I go to play a new song. It plays the first one fine, but then freezes when I click a second one. I have to close it completely and reload it. The biggest hassle though is the internet. What do you all think? I uploaded a HijackThis log in case there is something in there.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:20:24 PM, on 3/28/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acer\Bio-Protection fingerprint solution\PdtWzd.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\DOCUME~1\BRIANC~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Acer\Bio-Protection fingerprint solution\FPLaunch.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Brian Clark\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aceradvantage.com/stdreg/startpage.jsp?sn=LXTKU0Z00174210E3B2000
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Bio-Protection fingerprint solution\PdtWzd.exe" show
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Bio-Protection fingerprint solution\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Bio-Protection fingerprint solution\PwdBank.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Programs\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Bio-Protection fingerprint solution\WinNotify.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8563 bytes

Katana · March 2009

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:

Please Read All Instructions Carefully
If you don't understand something, stop and ask! Don't keep going on.
Please do not run any other tools or scans whilst I am helping you
Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those few things, everything should go smoothly

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe

There is no obvious sign of infection

Download and Run RSIT

Please download Random's System Information Tool by random/random from here and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open:
- log.txt will be opened maximized.
- info.txt will be opened minimized.
Please post the contents of both log.txt and info.txt.

4Nmissile · April 2009

Thanks for the reply. I ended up doing an entire reformat. I wasn't even able to get on here to check if someone had responded to my post. That and with having college classes online I have to have my internet running smooth. Not an easy task when it is shutting down all the time. I have not had any trouble since the reformat. Can internet explorer become corrupted or anything and cause it to have to close everytime it is opened up? I did run the RSIT just to be on the safe side and here are the logs. I'm not sure if they will do anything since I reformatted. If there is anything in there that I don't need let me know. Thanks for looking. I made this a two part post as with the second log file it said that I had too much text. The second log file is in the next post down.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Brian C at 2009-04-01 21:22:11
Microsoft Windows XP Professional Service Pack 2
System drive C: has 38 GB (72%) free of 52 GB
Total RAM: 766 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:22:19 PM, on 4/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acer\Bio-Protection fingerprint solution\PdtWzd.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\DOCUME~1\BRIANC~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Acer\Bio-Protection fingerprint solution\FPLaunch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\Programs\My Programs\Ultimate Mahjongg\Mahjongg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Brian C\Desktop\RSIT.exe
C:\Documents and Settings\Brian C\Desktop\Brian C.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://en.us.acer.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Bio-Protection fingerprint solution\PdtWzd.exe" show
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Bio-Protection fingerprint solution\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Bio-Protection fingerprint solution\PwdBank.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Bio-Protection fingerprint solution\WinNotify.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

End of file - 7411 bytes

=Registry dump=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2007-03-30 106496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Preload"=C:\Windows\RUNXMLPL.exe [2007-04-20 20480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-12-16 761945]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-28 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Bio-Protection fingerprint solution\PdtWzd.exe [2009-03-29 3805184]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-01-08 68640]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2007-02-20 61440]
"Acer ePresentation HPD"=C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2007-03-02 208896]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2007-05-24 475136]
"Boot"=C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584]
"eLockMonitor"=C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe []
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-03-30 342528]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2007-07-11 421888]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-06-07 850704]
"AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2009-03-31 590848]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-08-01 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Bio-Protection fingerprint solution\WinNotify.dll [2009-03-29 2803200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Acer\Bio-Protection fingerprint solution\PwdFilter

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8562e7e7-1cc0-11de-9915-001dd9665856}]
shell\AutoRun\command - F:\wd_windows_tools\setup.exe

=List of files/folders created in the last 1 months=

2009-04-01 21:22:11 ----D---- C:\rsit
2009-04-01 19:13:40 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-04-01 19:13:05 ----D---- C:\WINDOWS\LastGood
2009-04-01 16:05:19 ----D---- C:\WINDOWS\system32\KB905474
2009-03-31 15:27:25 ----D---- C:\Program Files\Knowledge Quest
2009-03-31 14:43:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-03-31 14:43:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-03-31 14:43:10 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-03-31 14:43:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-03-31 14:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-03-31 14:42:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-03-31 14:42:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-03-31 14:42:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-03-31 14:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-31 14:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-03-31 14:41:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-03-31 14:41:46 ----D---- C:\Program Files\MSXML 6.0
2009-03-31 14:41:22 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-31 14:41:16 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-03-31 14:40:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-03-31 14:40:10 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-03-31 14:40:05 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-03-31 14:40:00 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-03-31 14:39:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-03-31 14:39:43 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-03-31 14:39:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2009-03-31 14:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-03-31 14:39:21 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-31 14:39:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-03-31 14:38:59 ----HDC---- C:\WINDOWS\$NtUninstallKB901190$
2009-03-31 14:38:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-03-31 14:38:47 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-03-31 14:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-03-31 14:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-03-31 14:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-03-30 19:09:50 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-03-30 19:07:35 ----D---- C:\WINDOWS\system32\PreInstall
2009-03-30 19:07:34 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-03-30 19:07:33 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-03-30 12:01:20 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-03-29 21:33:16 ----D---- C:\Documents and Settings\Brian C\Application Data\AVG7
2009-03-29 21:32:58 ----D---- C:\Program Files\Grisoft
2009-03-29 21:32:58 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft
2009-03-29 21:32:58 ----D---- C:\Documents and Settings\All Users\Application Data\avg7
2009-03-29 21:22:01 ----D---- C:\Program Files\Trend Micro
2009-03-29 20:18:48 ----SHD---- C:\RECYCLER
2009-03-29 19:20:28 ----D---- C:\Documents and Settings\Brian C\Application Data\ATI
2009-03-29 19:20:28 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-03-29 19:17:51 ----SHD---- C:\Config.Msi
2009-03-29 19:17:48 ----D---- C:\Program Files\Launch Manager
2009-03-29 19:16:52 ----A---- C:\WINDOWS\system32\Uninstall_eRecovery.exe
2009-03-29 19:16:52 ----A---- C:\WINDOWS\system32\ERUpdateHidden.EXE
2009-03-29 19:16:52 ----A---- C:\WINDOWS\system32\CloseProcessWindow.dll
2009-03-29 19:16:52 ----A---- C:\WINDOWS\system32\ClearEvent.exe
2009-03-29 19:16:52 ----A---- C:\WINDOWS\system32\CheckD2DSystem.exe
2009-03-29 19:16:52 ----A---- C:\WINDOWS\system32\Acer EULA.txt
2009-03-29 19:15:41 ----A---- C:\WINDOWS\system32\NATTraversal.dll
2009-03-29 19:15:05 ----A---- C:\WINDOWS\system32\Epm-Po.dll
2009-03-29 19:15:05 ----A---- C:\WINDOWS\system32\acpimof.dll
2009-03-29 19:14:25 ----A---- C:\WINDOWS\system32\eRecUtil.dll
2009-03-29 19:14:25 ----A---- C:\WINDOWS\system32\Acer.Empowering.Windows.Forms_v820.dll
2009-03-29 19:14:23 ----A---- C:\WINDOWS\system32\SysMonitor.exe
2009-03-29 19:14:23 ----A---- C:\WINDOWS\system32\ScrollBarLib.dll
2009-03-29 19:14:23 ----A---- C:\WINDOWS\system32\Interop.Shell32.dll
2009-03-29 19:14:22 ----A---- C:\WINDOWS\system32\Acer.Empowering.Windows.Forms.dll
2009-03-29 19:14:01 ----D---- C:\Acer
2009-03-29 19:13:42 ----D---- C:\Program Files\Yahoo!
2009-03-29 19:13:16 ----N---- C:\WINDOWS\system32\msxml3a.dll
2009-03-29 19:12:36 ----D---- C:\Program Files\CyberLink
2009-03-29 19:11:39 ----A---- C:\WINDOWS\system32\acer.exe
2009-03-29 19:11:38 ----D---- C:\Documents and Settings\Brian C\Application Data\Macromedia
2009-03-29 19:11:36 ----D---- C:\WINDOWS\ACER
2009-03-29 19:11:12 ----A---- C:\WINDOWS\system32\VMC3KAPI.dll
2009-03-29 19:11:12 ----A---- C:\WINDOWS\system32\VCryptAPI.dll
2009-03-29 19:10:59 ----A---- C:\WINDOWS\system32\ShlCmd.exe
2009-03-29 19:10:58 ----A---- C:\WINDOWS\system32\biologon.dll
2009-03-29 19:10:49 ----A---- C:\WINDOWS\system32\DemoAPI.dll
2009-03-29 19:10:49 ----A---- C:\WINDOWS\system32\AtNav.dll
2009-03-29 19:10:45 ----A---- C:\WINDOWS\system32\PBAGUI.dll
2009-03-29 19:10:42 ----A---- C:\WINDOWS\system32\ATSC70PBA.dll
2009-03-29 19:10:41 ----D---- C:\Program Files\Acer
2009-03-29 19:10:33 ----D---- C:\Program Files\Fingerprint Sensor
2009-03-29 19:08:12 ----D---- C:\Program Files\ATI Technologies
2009-03-29 19:06:50 ----ASH---- C:\Documents and Settings\Brian C\Application Data\desktop.ini
2009-03-29 19:06:49 ----D---- C:\Documents and Settings\Brian C\Application Data\InstallShield
2009-03-29 19:06:49 ----D---- C:\Documents and Settings\Brian C\Application Data\Identities
2009-03-29 19:06:48 ----SD---- C:\Documents and Settings\Brian C\Application Data\Microsoft
2009-03-29 19:04:17 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2009-03-29 19:00:51 ----D---- C:\Program Files\CONEXANT
2009-03-29 18:58:58 ----A---- C:\WINDOWS\UNINST32.EXE
2009-03-29 18:58:58 ----A---- C:\WINDOWS\system32\FILTRCOI.DLL
2009-03-29 18:56:08 ----A---- C:\WINDOWS\system32\UCI32M16.dll
2009-03-29 18:56:08 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\atitvo32.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\atioglxx.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\atioglx2.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\atikvmag.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2009-03-29 18:54:53 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2009-03-29 18:54:52 ----A---- C:\WINDOWS\system32\ati3duag.dll
2009-03-29 18:54:52 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2009-03-29 18:54:52 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2009-03-29 18:54:50 ----D---- C:\WINDOWS\VGA
2009-03-29 18:53:48 ----A---- C:\WINDOWS\PRELAUNCH.EXE
2009-03-29 18:53:47 ----D---- C:\WINDOWS\Lan
2009-03-29 18:53:46 ----A---- C:\WINDOWS\PreLaunch.ini
2009-03-10 22:18:20 ----N---- C:\WINDOWS\system32\LegitCheckControl.dll
2009-03-10 22:18:14 ----N---- C:\WINDOWS\system32\WgaTray.exe
2009-03-10 22:18:00 ----N---- C:\WINDOWS\system32\WgaLogon.dll

=List of files/folders modified in the last 1 months=

2009-04-01 21:22:12 ----D---- C:\WINDOWS\Prefetch
2009-04-01 19:13:55 ----SD---- C:\WINDOWS\Tasks
2009-04-01 19:13:37 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-04-01 19:13:37 ----D---- C:\WINDOWS\system32
2009-04-01 19:13:35 ----D---- C:\WINDOWS
2009-04-01 19:13:06 ----HD---- C:\WINDOWS\inf
2009-04-01 19:13:05 ----D---- C:\WINDOWS\system32\CatRoot2
2009-04-01 19:12:12 ----D---- C:\WINDOWS\Temp
2009-04-01 16:39:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-01 16:07:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-31 15:27:25 ----D---- C:\Program Files
2009-03-31 14:43:21 ----D---- C:\WINDOWS\system32\drivers
2009-03-31 14:43:20 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-31 14:43:18 ----A---- C:\WINDOWS\imsins.BAK
2009-03-31 14:43:12 ----D---- C:\Program Files\Messenger
2009-03-31 14:42:49 ----D---- C:\Program Files\Internet Explorer
2009-03-31 14:41:49 ----SHD---- C:\WINDOWS\Installer
2009-03-31 14:41:23 ----D---- C:\WINDOWS\WinSxS
2009-03-30 19:23:12 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-30 19:09:50 ----D---- C:\WINDOWS\Debug
2009-03-30 12:01:27 ----D---- C:\WINDOWS\SoftwareDistribution
2009-03-30 12:01:27 ----D---- C:\WINDOWS\Help
2009-03-29 21:32:28 ----D---- C:\WINDOWS\system
2009-03-29 19:25:08 ----D---- C:\ELEMENTS
2009-03-29 19:24:21 ----D---- C:\WINDOWS\security
2009-03-29 19:24:03 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-03-29 19:22:29 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-03-29 19:22:02 ----D---- C:\Program Files\Common Files
2009-03-29 19:20:31 ----D---- C:\WINDOWS\system32\config
2009-03-29 19:19:59 ----D---- C:\Program Files\Acer Inc
2009-03-29 19:17:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-03-29 19:17:24 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-29 19:13:32 ----D---- C:\Program Files\NewTech Infosystems
2009-03-29 19:10:22 ----RSD---- C:\WINDOWS\assembly
2009-03-29 19:07:18 ----A---- C:\WINDOWS\OEWABLog.txt
2009-03-29 19:06:47 ----D---- C:\Documents and Settings
2009-03-29 19:05:42 ----A---- C:\WINDOWS\setuplog.txt
2009-03-29 19:05:36 ----SHD---- C:\System Volume Information
2009-03-29 19:05:36 ----D---- C:\WINDOWS\system32\Restore
2009-03-29 19:05:29 ----RASH---- C:\boot.ini
2009-03-29 19:04:30 ----D---- C:\WINDOWS\Registration
2009-03-29 19:04:09 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-29 18:52:26 ----RD---- C:\WINDOWS\Web
2009-03-29 18:52:24 ----D---- C:\WINDOWS\twain_32
2009-03-29 18:49:50 ----D---- C:\WINDOWS\system32\wbem
2009-03-29 18:49:40 ----D---- C:\WINDOWS\system32\usmt
2009-03-29 18:49:38 ----D---- C:\WINDOWS\system32\URTTemp
2009-03-29 18:49:36 ----D---- C:\WINDOWS\system32\spool
2009-03-29 18:49:36 ----D---- C:\WINDOWS\system32\Setup
2009-03-29 18:49:35 ----D---- C:\WINDOWS\system32\RTCOM
2009-03-29 18:49:34 ----D---- C:\WINDOWS\system32\ras
2009-03-29 18:49:34 ----D---- C:\WINDOWS\system32\oobe
2009-03-29 18:49:29 ----D---- C:\WINDOWS\system32\oem
2009-03-29 18:49:07 ----D---- C:\WINDOWS\system32\npp
2009-03-29 18:49:06 ----D---- C:\WINDOWS\system32\mui
2009-03-29 18:48:56 ----SD---- C:\WINDOWS\system32\Microsoft
2009-03-29 18:48:56 ----D---- C:\WINDOWS\system32\MsDtc
2009-03-29 18:48:56 ----D---- C:\WINDOWS\system32\Macromed
2009-03-29 18:48:44 ----D---- C:\WINDOWS\system32\IME
2009-03-29 18:48:43 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-29 18:48:43 ----D---- C:\WINDOWS\system32\icsxml
2009-03-29 18:48:43 ----D---- C:\WINDOWS\system32\ias
2009-03-29 18:48:43 ----D---- C:\WINDOWS\system32\en-US
2009-03-29 18:44:49 ----D---- C:\WINDOWS\system32\DirectX
2009-03-29 18:44:40 ----D---- C:\WINDOWS\system32\Com
2009-03-29 18:44:37 ----D---- C:\WINDOWS\system32\1033
2009-03-29 18:44:36 ----D---- C:\WINDOWS\srchasst
2009-03-29 18:44:30 ----D---- C:\WINDOWS\SHELLNEW
2009-03-29 18:44:28 ----D---- C:\WINDOWS\Resources
2009-03-29 18:44:27 ----D---- C:\WINDOWS\repair
2009-03-29 18:44:21 ----D---- C:\WINDOWS\Provisioning
2009-03-29 18:44:20 ----D---- C:\WINDOWS\PeerNet
2009-03-29 18:44:06 ----RD---- C:\WINDOWS\Offline Web Pages
2009-03-29 18:44:06 ----D---- C:\WINDOWS\pchealth
2009-03-29 18:44:06 ----D---- C:\WINDOWS\mui
2009-03-29 18:44:06 ----D---- C:\WINDOWS\msapps
2009-03-29 18:44:06 ----D---- C:\WINDOWS\msagent
2009-03-29 18:43:05 ----D---- C:\WINDOWS\Media
2009-03-29 18:43:04 ----D---- C:\WINDOWS\java
2009-03-29 18:41:28 ----D---- C:\WINDOWS\ime
2009-03-29 18:40:07 ----RSD---- C:\WINDOWS\Fonts
2009-03-29 18:38:47 ----D---- C:\WINDOWS\ehome
2009-03-29 18:37:46 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-29 18:37:46 ----D---- C:\WINDOWS\Driver Cache
2009-03-29 18:37:45 ----D---- C:\WINDOWS\Downloaded Installations
2009-03-29 18:37:45 ----D---- C:\WINDOWS\Cursors
2009-03-29 18:36:12 ----D---- C:\WINDOWS\AppPatch
2009-03-29 18:36:11 ----D---- C:\WINDOWS\addins
2009-03-29 18:36:10 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2009-03-29 18:36:10 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2009-03-29 18:36:08 ----HDC---- C:\WINDOWS\$NtUninstallKB931784$
2009-03-29 18:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2009-03-29 18:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2009-03-29 18:36:00 ----HDC---- C:\WINDOWS\$NtUninstallKB929338$
2009-03-29 18:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2009-03-29 18:35:52 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
2009-03-29 18:35:52 ----HDC---- C:\WINDOWS\$NtUninstallKB914642$
2009-03-29 18:35:51 ----HDC---- C:\WINDOWS\$NtUninstallKB912945$
2009-03-29 18:35:46 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
2009-03-29 18:35:44 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
2009-03-29 18:35:43 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-03-29 18:35:43 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
2009-03-29 18:35:42 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-03-29 18:35:29 ----RD---- C:\valueadd
2009-03-29 18:35:24 ----D---- C:\sysinfo
2009-03-29 18:35:15 ----RD---- C:\support
2009-03-29 18:35:15 ----D---- C:\Program Files\xerox
2009-03-29 18:35:15 ----D---- C:\Program Files\Windows NT
2009-03-29 18:35:13 ----D---- C:\Program Files\Windows Media Player
2009-03-29 18:35:01 ----D---- C:\Program Files\Synaptics
2009-03-29 18:34:38 ----D---- C:\Program Files\Realtek
2009-03-29 18:34:38 ----D---- C:\Program Files\Outlook Express
2009-03-29 18:34:36 ----D---- C:\Program Files\Online Services
2009-03-29 18:34:36 ----D---- C:\Program Files\O2Micro Oz128 Driver
2009-03-29 18:33:56 ----D---- C:\Program Files\NetMeeting
2009-03-29 18:33:53 ----D---- C:\Program Files\MSN Gaming Zone
2009-03-29 18:33:39 ----D---- C:\Program Files\MSN
2009-03-29 18:33:39 ----D---- C:\Program Files\Movie Maker
2009-03-29 18:33:33 ----D---- C:\Program Files\Microsoft.NET
2009-03-29 18:33:32 ----D---- C:\Program Files\Microsoft Works
2009-03-29 18:33:31 ----D---- C:\Program Files\Microsoft Visual Studio
2009-03-29 18:32:51 ----D---- C:\Program Files\Microsoft SQL Server
2009-03-29 18:32:37 ----D---- C:\Program Files\Microsoft Small Business
2009-03-29 18:32:14 ----D---- C:\Program Files\Microsoft Office
2009-03-29 18:28:14 ----D---- C:\Program Files\microsoft frontpage
2009-03-29 18:28:03 ----D---- C:\Program Files\DIFX
2009-03-29 18:28:03 ----D---- C:\Program Files\Common Files\System
2009-03-29 18:26:24 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-03-29 18:26:24 ----D---- C:\Program Files\Common Files\Services
2009-03-29 18:26:24 ----D---- C:\Program Files\Common Files\ODBC
2009-03-29 18:26:24 ----D---- C:\Program Files\Common Files\NewTech Infosystems
2009-03-29 18:26:20 ----D---- C:\Program Files\Common Files\muvee Technologies
2009-03-29 18:26:20 ----D---- C:\Program Files\Common Files\MSSoap
2009-03-29 18:26:18 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-03-29 18:24:51 ----D---- C:\Program Files\Common Files\LightScribe
2009-03-29 18:24:46 ----D---- C:\Program Files\Common Files\InstallShield
2009-03-29 18:24:45 ----D---- C:\Program Files\Common Files\DESIGNER
2009-03-29 18:24:45 ----D---- C:\Program Files\Common Files\Adobe
2009-03-29 18:24:15 ----D---- C:\Program Files\Adobe
2009-03-29 18:24:15 ----D---- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
2009-03-29 18:19:17 ----RHD---- C:\MSOCache
2009-03-29 18:19:17 ----D---- C:\I386
2009-03-29 18:13:23 ----RD---- C:\dotnetfx
2009-03-29 18:12:38 ----D---- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2009-03-29 18:12:20 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-03-29 18:12:19 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-29 18:12:18 ----RD---- C:\docs
2009-03-29 18:12:18 ----D---- C:\BOOK

=List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)=

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-02 36864]
R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2009-03-30 821856]
R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2009-03-29 4224]
R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2009-03-29 27776]
R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2009-03-30 10760]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 Int15;int15; \??\C:\WINDOWS\System32\drivers\int15.sys []
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-08-01 2371584]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-06-16 146824]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2007-06-07 17408]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-12-22 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-12-22 209664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-30 4424192]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-04 28672]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2007-06-28 6144]
R3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
R3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-12-16 191936]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-02-20 58240]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-04-19 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-12-22 730112]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-04-17 255232]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]

=List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)=

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-08-01 483328]
R2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2009-03-30 418816]
R2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2009-03-29 49664]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-03-01 24576]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 171040]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-04 267776]
S2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]

EOF

4Nmissile · April 2009

Here is the other log file.

info.txt logfile of random's system information tool 1.06 2009-04-01 21:22:21

=Uninstall list=

-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer English Online Help Creator\Uninst.isu"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
Acer Bio-Protection fingerprint solution 3.0.1.1-->"C:\Program Files\Acer\Bio-Protection fingerprint solution\Setup.exe" /u
Acer eDataSecurity Management 2.0.4086-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{4AD13F68-CADA-4C6B-9759-C33753F89908} /l1033
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDStbmngr.exe UNINSTALL 1
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x9 -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x9 -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x9 -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x9 -removeonly
Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}\setup.exe" -l0x9 -removeonly
Acer GridVista-->C:\WINDOWS\UnInst32.exe GridV.UNI
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Activation Assistant for the 2007 Microsoft Office suites-->"C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AuthenTec Fingerprint Sensor Minimum Install-->MsiExec.exe /I{EEBFB406-5846-4F33-96B5-C7BA8FC50F69}
AVG 7.5-->C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
Business Contact Manager for Outlook 2007-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {B32C4059-6E7A-41EF-AD20-56DF1872B923}
Business Contact Manager for Outlook 2007-->MsiExec.exe /X{B32C4059-6E7A-41EF-AD20-56DF1872B923}
Catalyst Control Center - Branding-->MsiExec.exe /I{C3B3BB74-B49D-4B15-A5D4-863426EB96E0}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -IAcZUnM5k.inf
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\Brian C\Desktop\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 2.0 (KB922981)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {A1D5A6B2-B620-41F9-B435-10A4FF3C18A2} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Hotfix for Microsoft .NET Framework 2.0 (KB923319)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {3C87D1CF-1592-4BFA-9B3E-380580EFAF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Hotfix for Windows XP (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB909667)-->"C:\WINDOWS\$NtUninstallKB909667$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB914642)-->"C:\WINDOWS\$NtUninstallKB914642$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB918005)-->"C:\WINDOWS\$NtUninstallKB918005$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Launch Manager-->C:\WINDOWS\UnInst32.exe LManager.UNI
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}
Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1033 CDM7
NTI Shadow-->"C:\Program Files\InstallShield Installation Information\{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}\setup.exe" -removeonly
O2Micro Flash Memory Card Reader Driver Installer(x86)-->MsiExec.exe /X{78764173-3805-4916-B3CE-B433702B8870}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Security Update for Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Security Update for Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Security Update for Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Security Update for Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Office 2007 (KB934528)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}
Update for Office System 2007 Setup (KB929722)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {D8E9BEBD-655F-467D-8176-CA9959C140A3}
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
Update for Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C074F64CC74B03BC354BB5DC973CCF768D5A7194\amdk8.inf
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows XP Hotfix - KB885855-->C:\WINDOWS\$NtUninstallKB885855$\spuninst\spuninst.exe

=Security center information=

AV: AVG 7.5.557

=System event log=

Computer Name: BRIAN
Event Code: 29
Message: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Record Number: 88
Source Name: W32Time
Time Written: 20090329213616.000000-300
Event Type: error
User:

Computer Name: BRIAN
Event Code: 17
Message: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Record Number: 87
Source Name: W32Time
Time Written: 20090329213616.000000-300
Event Type: error
User:

Computer Name: BRIAN
Event Code: 7009
Message: Timeout (30000 milliseconds) waiting for the eLock Service service to connect.

Record Number: 54
Source Name: Service Control Manager
Time Written: 20090329192059.000000-300
Event Type: error
User:

Computer Name: BRIAN
Event Code: 7024
Message: The SQL Server (MSSMLBIZ) service terminated with service-specific error 17058 (0x42A2).

Record Number: 53
Source Name: Service Control Manager
Time Written: 20090329192059.000000-300
Event Type: error
User:

Computer Name: BRIAN
Event Code: 7024
Message: The SQL Server (MSSMLBIZ) service terminated with service-specific error 17058 (0x42A2).

Record Number: 5
Source Name: Service Control Manager
Time Written: 20090329190710.000000-300
Event Type: error
User:

=Application event log=

Computer Name: BRIAN
Event Code: 1002
Message: Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 85
Source Name: Application Hang
Time Written: 20090329200917.000000-300
Event Type: error
User:

Computer Name: BRIAN
Event Code: 1002
Message: Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 84
Source Name: Application Hang
Time Written: 20090329200834.000000-300
Event Type: error
User:

Computer Name: BRIAN
Event Code: 40
Message: WMI ADAP was unable to create the object Win32_PerfFormattedData_MSSQLMSSMLBIZ_MSSQLMSSMLBIZBufferManager for Performance Library MSSQL$MSSMLBIZ because error 0x80041002 was returned

Record Number: 78
Source Name: WinMgmt
Time Written: 20090329192258.000000-300
Event Type: warning
User:

Computer Name: BRIAN
Event Code: 40
Message: WMI ADAP was unable to create the object Win32_PerfFormattedData_MSSQLMSSMLBIZ_MSSQLMSSMLBIZBufferManager for Performance Library MSSQL$MSSMLBIZ because error 0x80041002 was returned

Record Number: 77
Source Name: WinMgmt
Time Written: 20090329192258.000000-300
Event Type: warning
User:

Computer Name: BRIAN
Event Code: 1517
Message: Windows saved user BRIAN\Brian C registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.

This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 61
Source Name: Userenv
Time Written: 20090329191817.000000-300
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4802
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-EOF

Katana · April 2009

There are no problems showing there

Can internet explorer become corrupted or anything and cause it to have to close everytime it is opened up?

All programs are open to glitches, so the simple answer is -- Yes :lol:

Your log shows that :-
1) Adobe needs updating
2) You need an AntiSpyware program ( see AntiSpyware below )....

Your Adobe Acrobat Reader is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Adobe Reader is a large program and uses unnecessary space.
If you prefer a smaller program you can get Foxit 3.0 from http://www.foxitsoftware.com/pdf/rd_intro.php << Recommended

There is a newer version of Adobe Acrobat Reader available.

Please go to this link Adobe Acrobat Reader Download Link
Click Download
On the right Untick Adobe Phototshop Album Starter Edition if you do not wish to include this in the installation.
Click the Continue button
Click Run, and click Run again
Next click the Install Now button and follow the on screen prompts

Congratulations your logs look clean

Let's see if I can help you keep it that way

First lets tidy up

Please delete RSIT.exe and C:\RSIT (entire folder)
You can also delete any logs we have produced, and empty your Recycle bin.

The following is some info to help you stay safe and clean.

You may already have some of the following programs, but I include the full list for the benefit of all the other people who will be reading this thread in the future.
( Vista users must ensure that any programs are Vista compatible BEFORE installing )

Online Scanners
I would recommend a scan at one or more of the following sites at least once a month.

http://www.pandasecurity.com/activescan
http://www.kaspersky.com/kos/eng/partner/71706/kavwebscan.html

!!! Make sure that all your programs are updated !!!
Secunia Software Inspector does all the work for you, .... see HERE for details

AntiSpyware

AntiSpyware is not the same thing as Antivirus.
Different AntiSpyware programs detect different things, so in this case it is recommended that you have more than one.
You should only have one running all the time, the other/s should be used "on demand" on a regular basis.
Most of the programs in this list have a free (for Home Users ) and paid versions,
it is worth paying for one and having "realtime" protection, unless you intend to do a manual scan often.
Spybot - Search & Destroy <<< A must have program
- It includes host protection and registry protection
- A hosts file is a bit like a phone book, it points to the actual numeric address (i.e. the IP address) from the human friendly name of a website. This feature can be used to block malicious websites
MalwareBytes Anti-malware <<< A New and effective program
a-squared Free <<< A good "realtime" or "on demand" scanner
superantispyware <<< A good "realtime" or "on demand" scanner

Prevention

These programs don't detect malware, they help stop it getting on your machine in the first place.
Each does a different job, so you can have more than one
Winpatrol
- An excellent startup manager and then some !!
- Notifies you if programs are added to startup
- Allows delayed startup
- A must have addition
SpywareBlaster 4.0
- SpywareBlaster sets killbits in the registry to prevent known malicious activex controls from installing themselves on your computer.
SpywareGuard 2.2
- SpywareGuard provides real-time protection against spyware.
- Not required if you have other "realtime" antispyware or Winpatrol
ZonedOut
- Formerly known as IE-SPYAD, adds a long list of sites and domains associated with known advertisers and marketers to the Restricted sites zone of Internet Explorer.
MVPS HOSTS
- This little program packs a powerful punch as it blocks ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
- For information on how to download and install, please read this tutorial by WinHelp2002.
- Not required if you are using other host file protections

Internet Browsers

Microsoft has worked hard to make IE.7 a more secure browser, unfortunately whilst it is still the leading browser of choice it will always be under attack from the bad guys.
Using a different web browser can help stop malware getting on your machine.
- Make your Internet Explorer more secure - This can be done by following these simple instructions:
  1. From within Internet Explorer click on the Tools menu and then click on Options.
  2. Click once on the Security tab
  3. Click once on the Internet icon so it becomes highlighted.
  4. Click once on the Custom Level button.
    - Change the Download signed ActiveX controls to Prompt
    - Change the Download unsigned ActiveX controls to Disable
    - Change the Initialise and script ActiveX controls not marked as safe to Disable
    - Change the Installation of desktop items to Prompt
    - Change the Launching programs and files in an IFRAME to Prompt
    - Change the Navigate sub-frames across different domains to Prompt
    - When all these settings have been made, click on the OK button.
    - If it prompts you as to whether or not you want to save the settings, press the Yes button.
  5. Next press the Apply button and then the OK to exit the Internet Properties page.
If you are still using IE6 then either update, or get one of the following.
- FireFox
  - With many addons available that make customization easy this is a very popular choice
  - NoScript and AdBlockPlus addons are essential
- Opera
  - Another popular alternative
- Netscape
  - Another popular alternative
  - Also has Addons available

Cleaning Temporary Internet Files and Tracking Cookies

Temporary Internet Files are mainly the files that are downloaded when you open a web page.
Unfortunately, if the site you visit is of a dubious nature or has been hacked, they can also be an entry point for malware.
It is a good idea to empty the Temporary Internet Files folder on a regular basis.

Tracking Cookies are files that websites use to monitor which sites you visit and how often.
A lot of Antispyware scanners pick up these tracking cookies and flag them as unwanted.
CAUTION :- If you delete all your cookies you will lose any autologin information for sites that you visit, and will need your passwords

Both of these can be cleaned manually, but a quicker option is to use a program
ATF Cleaner
- Free and very simple to use
CCleaner
- Free and very flexible, you can chose which cookies to keep

Also PLEASE read this article.....So How Did I Get Infected In The First Place

The last and most important thing I can tell you is UPDATE.
If you don't update your security programs (Antivirus, Antispyware even Windows) then you are at risk.
Malware changes on a day to day basis. You should update every week at the very least.

If you follow this advice then (with a bit of luck) you will never have to hear from me again

If you could post back one more time to let me know everything is OK, then I can have this thread archived.

Happy surfing K'

4Nmissile · April 2009

Thank you. I should say that I do have the following programs. I have not fired them up yet as I just got done reformatting two days ago and have only been to this site, hotmail, ebay, and my colleges main site. The programs I have are: Spybot, Malwarebytes, ATF Cleaner, CCleaner. There are others, but I won't put them all on here. I updated the Adobe Reader and will read through the Foxit, WinPatrol, and Secunia after I have posted.

I only have one other question. Everyday when I fire up my laptop AVG does its daily scan (which I let it complete before doing anything). However, I have version 7.5 and it gives me a little window that says after April 12th 7.5 will no longer be updated. I have looked at 8.5, but have found no free versions of it, just a trial version. Now it does work exceptional enough for me to consider buying it, but are there any known free versions of 8.5 till I decide?

Also, I have not installed Internet Explorer 7 yet (I'm not really sure if I want to). I heard from a few people at college that Internet Explorer 8 was just released a week or two ago. Should I install it before or after installing my virus, anti-spyware programs, etc. or will I have to re-install those programs after installing IE8 (after the bugs have been worked out of IE8 of course)?

Other than that my laptop is in tip top shape.

I would like to thank you for helping me keep my computer safe and updated.

Katana · April 2009

AVG is still available free from their main site, http://free.avg.com/download?prd=afe

As for IE, I would update to 7, but I would hold off on 8 for the moment. I've seen many threads about problems with it.
In all honesty, I wouldn't use IE at all for browsing. It is still the most "targeted" browser by malware.

4Nmissile · April 2009

Thanks, I will upgrade my AVG to 8.5. Everything is fine on my end. Thanks for helping me out.

Have you heard anything on the Conflicker worm yet? I have heard that it is quite malicious, but I have had no trouble and no one I know has had trouble with it yet. I'm not even sure what it does. Will AVG 8.5 keep it under control?

Katana · April 2009

4Nmissile wrote:

Have you heard anything on the Conflicker worm yet? I have heard that it is quite malicious, but I have had no trouble and no one I know has had trouble with it yet. I'm not even sure what it does. Will AVG 8.5 keep it under control?

I suspect it was more hype than substance, much like the millenium bug.

I wouldn't worry too much about it

4Nmissile · April 2009

OK. Thanks for helping me. Everything is OK on this end. I upgraded my AVG to 8.5. It is working great. Although, I did like how 7.5 would scan whenever you turned on your computer each day, whereas 8.5 only asked for a specific time to scan. I don't always know when I'll be on my computer so putting in a specific time doesn't help with scanning.

Not too sure what is slowing me down, but something is.

Comments