Inactive BSOD Page_Nonpaged Error. - Logs Attatched

Malessick · Oct 23, 2010

==================================================
Dump File : Mini102210-06.dmp
Crash Time : 10/22/2010 11:59:47 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini102210-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini102210-05.dmp
Crash Time : 10/22/2010 10:46:36 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini102210-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini102210-04.dmp
Crash Time : 10/22/2010 9:51:18 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : eLock2FSCTLDriver.sys
Caused By Address : eLock2FSCTLDriver.sys+10ec6
File Description : eLock2FSCTLDriver Filter Driver
Product Name : Windows (R) 2000 DDK driver
Company : Windows (R) 2000 DDK provider
File Version : 5.1.2600.1106 built by: WinDDK
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini102210-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini102210-03.dmp
Crash Time : 10/22/2010 9:27:15 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini102210-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini102210-02.dmp
Crash Time : 10/22/2010 9:25:40 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini102210-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini102210-01.dmp
Crash Time : 10/22/2010 9:23:50 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini102210-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini011808-04.dmp
Crash Time : 1/18/2008 1:15:15 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini011808-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini011808-03.dmp
Crash Time : 1/18/2008 1:07:12 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : eLock2FSCTLDriver.sys
Caused By Address : eLock2FSCTLDriver.sys+10ec6
File Description : eLock2FSCTLDriver Filter Driver
Product Name : Windows (R) 2000 DDK driver
Company : Windows (R) 2000 DDK provider
File Version : 5.1.2600.1106 built by: WinDDK
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini011808-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini011808-02.dmp
Crash Time : 1/18/2008 1:04:41 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini011808-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini011808-01.dmp
Crash Time : 1/18/2008 1:01:25 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini011808-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini011708-02.dmp
Crash Time : 1/18/2008 12:25:24 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini011708-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini011708-01.dmp
Crash Time : 1/18/2008 12:03:29 AM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xa6562ead
Parameter 2 : 0x00000000
Parameter 3 : 0x8053ce42
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+800
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini011708-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

Broni · Oct 23, 2010

PAGE_FAULT_IN_NONPAGED_AREA error, in most cases, may be caused by RAM problem, or some infection.

When you said, you tested RAM, did you test it with some software, like memtest, or you actually physically removed some RAM and you tried to run your computer with one RAM stick at a time (that's the most reliable test)?

We're almost done with malware checking, but we'll go back there.

Now, BSV mentions eLock2FSCTLDriver.sys file couple of times.
Let's try something...
Uninstall Acer eLock Management, restart computer and see how it goes.

Malessick · Oct 23, 2010

I did a physical removal of ram test

Malessick · Oct 23, 2010

also can I go ahead and remove most Acer programs as they are pretty F*#king horrible anyway.

Broni · Oct 23, 2010

Uninstall whatever you want, but make sure, Acer eLock Management goes first.

Malessick · Oct 23, 2010

I got rid of acer elock and im back in regular mode! you are a legend. whats next

Broni · Oct 23, 2010

Excellent!

Now, I want you to re-run OTL from normal mode with a same custom script as in my reply #13.
It'll produce just one log.

Malessick · Oct 23, 2010

OTL logfile created on: 10/24/2010 3:25:35 AM - Run 2
OTL by OldTimer - Version 3.2.17.0 Folder = C:\Documents and Settings\admin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 385.00 Mb Available Physical Memory | 38.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.88 Gb Total Space | 85.33 Gb Free Space | 58.50% Space Free | Partition Type: NTFS
Drive D: | 146.32 Gb Total Space | 146.28 Gb Free Space | 99.97% Space Free | Partition Type: FAT32

Computer Name: ACER-347B5B97EB | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/24 03:21:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\My Documents\Downloads\OTL.exe
PRC - [2010/10/24 03:17:31 | 003,137,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgmfapx.exe
PRC - [2010/10/09 11:03:47 | 001,704,448 | ---- | M] (Curse) -- C:\Documents and Settings\admin\Local Settings\Apps\2.0\PJ2E9K8H.J4D\QY7LLD8A.A0Q\curs..tion_eee711038731a406_0004.0000_1829574f2226d088\CurseClient.exe
PRC - [2010/09/20 22:40:50 | 000,977,976 | ---- | M] (Google Inc.) -- C:\Documents and Settings\admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010/09/15 05:29:10 | 003,987,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgui.exe
PRC - [2010/09/15 05:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/10 01:44:22 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/09/09 04:46:42 | 000,652,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/09/07 03:50:14 | 000,647,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/09/07 03:50:08 | 000,745,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/11/26 01:31:06 | 002,375,680 | ---- | M] () -- C:\Program Files\LowerPing\LP.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/07/11 14:07:46 | 000,421,888 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007/06/24 15:25:38 | 000,342,528 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2007/05/22 10:59:58 | 001,459,992 | ---- | M] (OSA Technologies Inc., An Avocent Company) -- C:\Acer\LANScope Agent\awtray.exe
PRC - [2007/04/26 09:51:52 | 000,055,064 | ---- | M] (OSA Technologies Inc., An Avocent Company) -- C:\Acer\LANScope Agent\lockkm.exe
PRC - [2007/04/26 09:51:50 | 000,075,032 | ---- | M] (OSA Technologies Inc., An Avocent Company) -- C:\Acer\LANScope Agent\awServ.exe
PRC - [2006/09/14 12:06:48 | 000,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe

========== Modules (SafeList) ==========

MOD - [2010/10/24 03:21:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\My Documents\Downloads\OTL.exe
MOD - [2008/04/13 17:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2007/06/24 15:24:14 | 000,028,160 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\MSNChatHook.dll
MOD - [2007/06/24 15:23:06 | 000,077,824 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\ShowErrMsg.dll
MOD - [2007/06/24 15:23:04 | 000,167,936 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\sysenv.dll
MOD - [2007/01/04 15:04:52 | 000,199,168 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\CryptoAPI.dll
MOD - [2006/02/22 11:19:46 | 001,047,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc71u.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009/11/26 01:31:06 | 002,375,680 | ---- | M] () [On_Demand | Running] -- C:\Program Files\LowerPing\LP.exe -- (LP)
SRV - [2007/04/26 09:51:50 | 000,075,032 | ---- | M] (OSA Technologies Inc., An Avocent Company) [Auto | Running] -- C:\Acer\LANScope Agent\awServ.exe -- (AWService)
SRV - [2006/09/14 12:06:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/09/13 16:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2008/04/13 09:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/09/29 18:31:34 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2007/08/27 10:14:20 | 000,026,768 | ---- | M] (OSA Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys -- (OsaFsLoc)
DRV - [2007/07/31 10:43:44 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007/07/31 10:43:44 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2007/07/17 21:26:04 | 004,547,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/07/03 03:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2007/06/24 15:24:20 | 000,060,416 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdvdisk.sys -- (psdvdisk)
DRV - [2007/06/24 15:23:32 | 000,012,800 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdfilter.sys -- (psdfilter)
DRV - [2007/06/21 12:14:20 | 005,762,208 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2007/06/12 19:29:38 | 000,015,640 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osaio.sys -- (osaio)
DRV - [2007/05/30 15:30:02 | 000,014,616 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\NetLock.sys -- (netlock)
DRV - [2007/04/12 15:33:34 | 000,254,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2006/11/08 21:13:06 | 000,010,944 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\osanbm.sys -- (osanbm)
DRV - [2006/10/11 17:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/10/03 11:03:14 | 000,018,072 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\NetLimiter.sys -- (netlimiter)
DRV - [2006/08/27 21:30:04 | 000,013,952 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.au.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://au.rd.yahoo.com/customize/ycomp/defaults/sp/*http://au.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.au.acer.yahoo.com
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/12 18:41:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/12 18:40:49 | 000,000,000 | ---D | M]

[2010/10/12 18:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Mozilla\Extensions
[2010/10/12 18:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\y8n27gch.default\extensions
[2010/10/12 18:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Mozilla\Firefox\Profiles\y8n27gch.default\extensions\battlefieldheroespatcher@ea.com
[2010/10/16 23:10:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/16 23:10:07 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

O1 HOSTS File: ([2004/08/03 22:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AdminWorks Tray] C:\Acer\LANScope Agent\awtray.exe (OSA Technologies Inc., An Avocent Company)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\admin\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\lp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\lp.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\lp.dll ()
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1285890025921 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/09/29 17:57:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)

========== Files/Folders - Created Within 30 Days ==========

[2010/10/24 03:24:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/10/22 23:41:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/10/22 23:37:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/10/22 23:35:58 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/10/22 23:35:58 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/10/22 23:35:57 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/10/22 23:35:57 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/10/22 23:35:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/22 23:32:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/22 10:45:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Malwarebytes
[2010/10/22 10:06:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/22 10:06:23 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/22 10:06:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/22 10:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/22 09:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\KC Softwares
[2010/10/22 09:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\AutocompletePro
[2010/10/22 09:08:58 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/10/18 00:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\vlc
[2010/10/18 00:41:21 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/10/17 23:36:19 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/10/17 23:36:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\uTorrent
[2010/10/16 23:10:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\skypePM
[2010/10/16 23:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/10/16 23:09:37 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/10/16 23:09:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Skype
[2010/10/16 23:09:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/10/12 19:22:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\PunkBuster
[2010/10/12 19:07:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\My Documents\Battlefield Heroes
[2010/10/12 19:05:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/10/12 18:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games
[2010/10/12 18:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Mozilla
[2010/10/12 18:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Mozilla
[2010/10/12 18:40:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/10/10 18:03:45 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft Public Test
[2010/10/10 17:53:17 | 000,000,000 | ---D | C] -- C:\Program Files\PTR Installer 4.0.0.12824 enUS
[2010/10/07 20:31:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Lowerping
[2010/10/07 20:31:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\admin\wc
[2010/10/07 20:31:14 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\admin\Application Data\wyUpdate AU
[2010/10/07 18:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\LowerPing
[2010/10/07 08:56:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/10/07 01:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/10/07 01:53:00 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/10/07 01:51:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2010/10/07 01:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/10/03 22:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Wowhead
[2010/10/03 14:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Deployment
[2010/10/03 14:06:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Tracing
[2010/10/03 14:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/10/03 14:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2010/10/03 14:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/10/03 14:03:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/10/03 13:59:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/10/03 13:30:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Ventrilo
[2010/10/03 13:30:28 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2010/10/03 13:30:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/10/02 13:21:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010/10/02 08:24:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\My Documents\Downloads
[2010/10/02 00:05:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Blizzard Entertainment
[2010/10/01 18:22:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/10/01 16:42:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Desktop\Downloads
[2010/10/01 16:36:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Adobe
[2010/10/01 16:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Temp
[2010/10/01 16:29:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Google
[2010/10/01 14:36:53 | 000,000,000 | ---D | C] -- C:\$AVG
[2010/10/01 14:20:22 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2010/10/01 13:19:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/10/01 13:18:58 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010/10/01 13:18:51 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010/10/01 12:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2010/10/01 12:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010/10/01 11:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010/09/30 18:03:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\OpenOffice.org
[2010/09/30 17:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010/09/30 17:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/09/30 17:58:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/09/30 17:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/09/30 17:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/09/30 17:57:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Sun
[2010/09/30 17:57:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\OpenOffice.org 3.2 (en-US) Installation Files
[2010/09/30 17:51:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\AVG10
[2010/09/30 17:50:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/09/30 17:50:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/09/30 17:50:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2010/09/30 17:50:19 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/09/30 17:49:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/09/30 17:21:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/09/30 17:13:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/09/30 17:13:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/09/30 17:13:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/09/30 17:13:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/09/30 17:11:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010/09/30 17:09:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/09/30 17:07:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/09/30 16:41:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010/09/30 16:41:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010/09/30 16:37:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010/09/30 16:37:21 | 000,000,000 | --SD | C] -- C:\Documents and Settings\admin\UserData
[2010/09/30 16:37:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2010/09/30 16:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Macromedia
[2010/09/30 16:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\commercial
[2010/09/30 16:19:59 | 000,258,048 | ---- | C] (Acer Inc.) -- C:\WINDOWS\System32\Uninstall_eRecovery.exe
[2010/09/30 16:19:59 | 000,258,048 | ---- | C] (Acer Inc.) -- C:\WINDOWS\System32\CheckD2DSystem.exe
[2010/09/30 16:19:59 | 000,159,744 | ---- | C] (acer inc.) -- C:\WINDOWS\System32\CloseProcessWindow.dll
[2010/09/30 16:19:59 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2010/09/30 16:17:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\admin\Application Data\Microsoft
[2010/09/30 16:17:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\admin\Cookies
[2010/09/30 16:17:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Favorites
[2010/09/30 16:17:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\admin\Application Data
[2010/09/30 16:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Identities
[2010/09/30 16:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Desktop
[2010/09/30 16:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Application Data\Avocent AdminWorks
[2010/09/30 16:17:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\admin\SendTo
[2010/09/30 16:17:28 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\admin\Recent
[2010/09/30 16:17:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\My Documents\My Pictures
[2010/09/30 16:17:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\My Documents\My Music
[2010/09/30 16:17:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\My Documents
[2010/09/30 16:17:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\admin\Templates
[2010/09/30 16:17:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\admin\PrintHood
[2010/09/30 16:17:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\admin\NetHood
[2010/09/30 16:17:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\admin\Local Settings
[2010/09/30 16:17:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Start Menu
[2010/09/30 16:17:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Seven Zip
[2010/09/30 16:17:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft Help
[2010/09/30 16:17:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft
[2010/09/30 16:17:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\ApplicationHistory
[2010/09/30 16:17:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Application Data\Adobe

Malessick · Oct 23, 2010

========== Files - Modified Within 30 Days ==========

[2010/10/24 03:25:07 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/10/24 03:17:36 | 000,000,814 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/10/24 03:16:18 | 000,519,338 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/24 03:16:18 | 000,101,524 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/24 03:15:36 | 097,485,034 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/10/24 03:11:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/24 03:11:05 | 1063,571,456 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/24 02:55:20 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/22 23:37:05 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010/10/22 10:06:26 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/22 09:17:51 | 000,002,048 | ---- | M] () -- C:\Cleanup at Techspot.bkf
[2010/10/22 07:40:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2958225914-775782117-1526257697-1008UA.job
[2010/10/21 20:40:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2958225914-775782117-1526257697-1008Core.job
[2010/10/19 11:34:31 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\admin\Local Settings\Application Data\PUTTY.RND
[2010/10/18 00:49:28 | 000,007,168 | ---- | M] () -- C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/18 00:42:17 | 000,000,723 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/10/17 23:36:20 | 000,000,652 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/10/17 23:36:20 | 000,000,634 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/10/16 23:10:46 | 000,000,048 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/10/16 23:09:39 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/10/13 14:36:21 | 000,532,927 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\Owned.jpg
[2010/10/12 19:23:14 | 000,138,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/10/12 19:22:55 | 000,215,016 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010/10/12 19:06:00 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\PnkBstrK.sys
[2010/10/12 19:05:32 | 002,427,248 | ---- | M] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010/10/12 18:41:25 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/10/12 18:40:51 | 000,001,624 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/12 18:40:51 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/10/09 21:00:45 | 000,001,776 | ---- | M] () -- C:\WINDOWS\System32\LP.ini
[2010/10/09 11:04:16 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\Curse Client.appref-ms
[2010/10/07 18:44:58 | 000,001,568 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LowerPing.LNK
[2010/10/03 14:26:22 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\admin\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2010/10/03 13:30:30 | 000,000,262 | ---- | M] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/10/03 13:30:29 | 000,000,634 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
[2010/10/02 16:49:36 | 000,352,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/01 16:36:34 | 000,002,288 | ---- | M] () -- C:\Documents and Settings\admin\Desktop\Google Chrome.lnk
[2010/10/01 16:36:34 | 000,002,266 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/01 13:04:12 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/09/30 17:58:35 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.2.lnk
[2010/09/30 17:23:00 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/09/30 17:22:51 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/30 17:09:19 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/09/30 16:25:13 | 000,000,089 | ---- | M] () -- C:\WINDOWS\ALaunch.ini
[2010/09/30 16:24:58 | 000,000,050 | ---- | M] () -- C:\WINDOWS\commercial.ini
[2010/09/30 16:19:44 | 000,000,128 | ---- | M] () -- C:\Documents and Settings\admin\Local Settings\Application Data\fusioncache.dat
[2010/09/30 16:16:17 | 000,000,733 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/09/30 16:16:15 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/09/30 14:12:12 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/09/30 13:56:04 | 000,000,791 | ---- | M] () -- C:\WINDOWS\CLEANUP.CMD

========== Files Created - No Company Name ==========

[2010/10/24 03:15:36 | 097,485,034 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/10/24 03:11:05 | 1063,571,456 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/22 23:37:05 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/10/22 23:37:02 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/10/22 23:35:58 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/10/22 23:35:58 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/10/22 23:35:58 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/10/22 23:35:58 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/10/22 23:35:58 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/10/22 10:06:26 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/22 09:33:51 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/22 09:17:51 | 000,002,048 | ---- | C] () -- C:\Cleanup at Techspot.bkf
[2010/10/18 00:42:17 | 000,000,723 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2010/10/17 23:36:20 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010/10/17 23:36:20 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\µTorrent.lnk
[2010/10/16 23:10:46 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/10/16 23:09:39 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/10/13 14:36:13 | 000,532,927 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\Owned.jpg
[2010/10/12 19:22:55 | 000,215,016 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010/10/12 19:06:01 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/10/12 19:06:00 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\PnkBstrK.sys
[2010/10/12 19:05:37 | 000,215,016 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/10/12 19:05:32 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010/10/12 19:05:32 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010/10/12 18:41:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/10/12 18:40:51 | 000,001,624 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/10/12 18:40:51 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/10/08 22:34:04 | 000,001,776 | ---- | C] () -- C:\WINDOWS\System32\LP.ini
[2010/10/07 20:37:24 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\PUTTY.RND
[2010/10/07 18:44:25 | 000,001,568 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\LowerPing.LNK
[2010/10/07 18:40:10 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\lp.dll
[2010/10/07 01:55:36 | 000,378,832 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/10/03 14:26:22 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\admin\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2010/10/03 14:24:56 | 000,000,312 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\Curse Client.appref-ms
[2010/10/03 13:30:29 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
[2010/10/03 13:30:24 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/10/01 16:36:34 | 000,002,288 | ---- | C] () -- C:\Documents and Settings\admin\Desktop\Google Chrome.lnk
[2010/10/01 16:36:34 | 000,002,266 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/01 16:29:57 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2958225914-775782117-1526257697-1008UA.job
[2010/10/01 16:29:56 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2958225914-775782117-1526257697-1008Core.job
[2010/10/01 13:04:12 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/10/01 13:03:59 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/01 12:00:10 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk
[2010/09/30 17:58:35 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.2.lnk
[2010/09/30 17:50:56 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2010/09/30 16:55:54 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010/09/30 16:55:54 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010/09/30 16:55:54 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010/09/30 16:55:54 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010/09/30 16:55:54 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010/09/30 16:55:54 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010/09/30 16:55:54 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010/09/30 16:55:54 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010/09/30 16:55:54 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010/09/30 16:55:54 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010/09/30 16:55:54 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010/09/30 16:55:54 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2010/09/30 16:55:54 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2010/09/30 16:55:54 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010/09/30 16:55:54 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010/09/30 16:55:54 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010/09/30 16:55:54 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010/09/30 16:55:54 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010/09/30 16:55:54 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010/09/30 16:55:54 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010/09/30 16:55:54 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010/09/30 16:55:54 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010/09/30 16:55:54 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010/09/30 16:55:54 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010/09/30 16:55:54 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010/09/30 16:55:54 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010/09/30 16:55:54 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010/09/30 16:55:54 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010/09/30 16:55:54 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010/09/30 16:55:54 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010/09/30 16:55:53 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010/09/30 16:55:53 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010/09/30 16:55:53 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010/09/30 16:55:53 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010/09/30 16:55:53 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010/09/30 16:55:53 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010/09/30 16:55:53 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010/09/30 16:55:53 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010/09/30 16:55:53 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010/09/30 16:55:53 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010/09/30 16:55:53 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010/09/30 16:55:53 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010/09/30 16:55:52 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010/09/30 16:55:52 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010/09/30 16:55:52 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010/09/30 16:55:52 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010/09/30 16:55:52 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2010/09/30 16:55:52 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2010/09/30 16:55:52 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2010/09/30 16:55:52 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2010/09/30 16:55:52 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2010/09/30 16:55:52 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2010/09/30 16:55:52 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2010/09/30 16:55:52 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2010/09/30 16:55:52 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2010/09/30 16:55:52 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2010/09/30 16:55:52 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2010/09/30 16:55:52 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2010/09/30 16:55:52 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2010/09/30 16:55:52 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2010/09/30 16:55:52 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2010/09/30 16:55:52 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010/09/30 16:55:51 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010/09/30 16:55:51 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010/09/30 16:55:51 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010/09/30 16:55:51 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010/09/30 16:55:51 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010/09/30 16:55:49 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010/09/30 16:55:48 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010/09/30 16:55:48 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010/09/30 16:55:48 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010/09/30 16:55:48 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010/09/30 16:55:48 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010/09/30 16:55:48 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010/09/30 16:55:48 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010/09/30 16:55:48 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010/09/30 16:55:48 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010/09/30 16:55:48 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010/09/30 16:55:48 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010/09/30 16:55:26 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010/09/30 16:24:58 | 000,000,050 | ---- | C] () -- C:\WINDOWS\commercial.ini
[2010/09/30 16:19:59 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\setup.iss
[2010/09/30 16:19:44 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Application Data\fusioncache.dat
[2010/09/30 16:17:29 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/09/30 16:17:29 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2010/09/30 14:12:12 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/09/30 13:56:04 | 000,000,414 | ---- | C] () -- C:\WINDOWS\RESNDVD9TO5.REG
[2010/09/30 13:56:04 | 000,000,410 | ---- | C] () -- C:\WINDOWS\RESWVEDIT.REG
[2010/09/30 13:56:03 | 000,000,220 | ---- | C] () -- C:\WINDOWS\ERY-RUN.REG
[2007/09/29 18:51:58 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/09/29 18:32:18 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2007/09/29 18:31:36 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2007/09/29 18:31:36 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2007/09/29 18:31:36 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2007/09/29 17:57:42 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/07/31 10:43:44 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2007/06/24 15:25:36 | 001,411,584 | ---- | C] () -- C:\WINDOWS\System32\UIVCL.dll
[2007/06/24 15:24:02 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll
[2007/06/24 15:23:20 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\InstallCheck.dll
[2007/06/21 12:57:16 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4847.dll
[2007/01/04 15:10:22 | 000,003,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\WINIO.sys
[2006/10/03 11:03:14 | 000,018,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\NetLimiter.sys
[2006/08/27 21:30:04 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2005/10/25 23:25:28 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/05 22:08:38 | 000,000,089 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
[2004/08/03 22:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2010/09/30 17:51:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\AVG10
[2010/09/30 13:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\Avocent AdminWorks
[2010/09/30 18:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\OpenOffice.org
[2010/10/22 08:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Application Data\uTorrent
[2010/10/07 20:31:26 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\admin\Application Data\wyUpdate AU
[2010/09/30 17:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/09/30 13:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avocent AdminWorks
[2010/09/30 17:50:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/09/30 13:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2010/09/30 17:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/10/03 22:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wowhead
[2010/09/30 13:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2007/09/29 17:57:50 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/09/30 16:16:15 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/10/22 23:37:05 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010/10/22 09:17:51 | 000,002,048 | ---- | M] () -- C:\Cleanup at Techspot.bkf
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2010/10/22 23:41:00 | 000,020,111 | ---- | M] () -- C:\ComboFix.txt
[2007/09/29 17:57:50 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/10/24 03:11:05 | 1063,571,456 | -HS- | M] () -- C:\hiberfil.sys
[2007/09/29 17:57:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2007/09/29 17:57:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/03 22:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/09/30 17:09:19 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/10/24 03:11:03 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2007/04/25 01:45:56 | 000,000,631 | ---- | M] () -- C:\PDVD.iss
[2007/09/29 18:54:32 | 000,000,080 | RHS- | M] () -- C:\Preload.aaa
[2007/09/29 18:18:30 | 000,000,575 | ---- | M] () -- C:\RHDSetup.log
[2007/09/29 18:32:24 | 000,000,032 | ---- | M] () -- C:\setup.log

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2007/09/29 17:57:34 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 05:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/07/06 03:50:04 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2006/03/31 16:50:58 | 000,187,392 | ---- | M] () -- C:\WINDOWS\commercial.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2010/10/01 12:23:33 | 000,001,682 | -H-- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2007/09/29 10:50:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007/09/29 10:50:52 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007/09/29 10:50:52 | 000,897,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2010/09/30 17:13:46 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/09/30 17:22:58 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2007/09/29 18:17:08 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2004/08/03 22:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/09/30 17:22:58 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\admin\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2010/10/24 03:13:27 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\admin\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2008/04/13 17:12:38 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/13 17:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 01:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 01:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 07:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 10:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/13 17:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004/08/04 01:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2004/08/04 01:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2004/08/04 01:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 01:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 01:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >
[1998/12/24 00:15:38 | 000,345,983 | ---- | M] () -- C:\WINDOWS\system\RCDSETUP.EXE

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

Broni · Oct 23, 2010

Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.

=======================================================================

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code:

:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [KernelFaultCheck] File not found


:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.

======================================================================

Update MBAM, run "Quick scan", post fresh log.

=======================================================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

2. Download Temp File Cleaner (TFC)

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

3. Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Tick the box next to YES, I accept the Terms of Use
Click Start
IMPORTANT! UN-check Remove found threats
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push List of found threats
Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
NOTE. If Eset won't find any threats, it won't produce any log.

Broni · Oct 30, 2010

Are you still out there?

Inactive BSOD Page_Nonpaged Error. - Logs Attatched

Malessick

Posts: 23 +0

Broni

Posts: 56,041 +516

Malessick

Posts: 23 +0

Malessick

Posts: 23 +0

Broni

Posts: 56,041 +516

Malessick

Posts: 23 +0

Broni

Posts: 56,041 +516

Malessick

Posts: 23 +0

Malessick

Posts: 23 +0

Broni

Posts: 56,041 +516

Broni

Posts: 56,041 +516

Similar threads

Latest posts