Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

trojan "unassigned/ic killer

Post by peterh1 » October 13th, 2008, 5:26 am

:? Please help, I'm not sure what to make of this, but on my hacker watch section of McAfee security it is telling me that "has or is being used by unassigned/ic killer". I'm in over my head with this, so any help would be gratefully appreciated. I've put my log report from HijackThis soooooooo ????
peterh1
Active Member
 
Posts: 7
Joined: October 13th, 2008, 4:21 am

Re: trojan "unassigned/ic killer

Post by Katana » October 20th, 2008, 6:12 pm

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.


Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those three things, everything should go smoothly :D

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe


----------------------------------------------------------------------------------------

I apologize for the delay in responding, but as you can probably see the forums are quite busy.
Unfortunately there are far more people needing help than there are helpers.

If you still require help please do the following


Download and Run RSIT
  • Please download Random's System Information Tool by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open:
    • log.txt will be opened maximized.
    • info.txt will be opened minimized.
  • Please post the contents of both log.txt and info.txt.




As this is a teaching forum, please could you post any logs rather than attaching them. This makes it easier for the students.
Thank you for your cooperation.
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: trojan "unassigned/ic killer

Post by peterh1 » October 20th, 2008, 6:57 pm

Thank you for your help. I've put the info and log with this post. Once again, thank you very, very much!!! Do I now delete the RSIT off my computer? I've sent 3 months' worth of data in my logs, as I think the problems I have been having started a while back. Thank you for your help, Katana, and could you let me know what I should do with regards to bank accounts and personal details??? As I have only just discovered how to use my encrypting software on my Acer 5920. Thanking you, Mr P Harrison. P.S. I'm not sure how to post these logs back, can ya explain please? "Sorry", I'm not that clever on my laptop yet, ha ha, "there's wishing a lot". Thank you for the help.
Last edited by peterh1 on October 21st, 2008, 5:10 pm, edited 1 time in total.
peterh1
Active Member
 
Posts: 7
Joined: October 13th, 2008, 4:21 am

Re: trojan "unassigned/ic killer

Post by Katana » October 20th, 2008, 8:35 pm

I apologise for not being clear in my previous post.

As this is a teaching forum, please could you include any logs as text in your reply, rather than attaching them to your post.
This makes it easier for the students to research and understand what is happening.
Thank you for your cooperation.
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: trojan "unassigned/ic killer

Post by peterh1 » October 22nd, 2008, 4:01 am

Here is my post with log, not sure which one, sorry, and thanks once again!!!

Logfile of random's system information tool 1.04 (written by random/random)
Run by PETE at 2008-10-20 23:39:20
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 22 GB (41%) free of 52 GB
Total RAM: 3061 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:39:37, on 20/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\PETE\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PETE\Desktop\RSIT.exe
C:\Program Files\trend micro\PETE.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com/portal/site/skycom/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided By Sky Broadband
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [kdx] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com (file missing)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: StumbleUpon - {75C9223A-409A-4795-A3CA-08DE6B075B4B} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxce_device - - C:\Windows\system32\lxcecoms.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Inc. - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11896 bytes

======Scheduled tasks folder======

C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
C:\Windows\tasks\User_Feed_Synchronization-{35B7A6FD-B630-4CEC-AA99-F2205BDE78D4}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{145B29F4-A56B-4b90-BBAC-45784EBEBBB7}]
StumbleUpon Launcher - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll [2008-07-29 1041744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-11-26 324936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-11-09 58688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-17 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-01-03 155184]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{5093EB4C-3E93-40AB-9266-B607BA87BDC8} - StumbleUpon Toolbar - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll [2008-07-29 1041744]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2008-01-30 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-01-30 8501792]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-01-30 81920]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-23 4702208]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2008-01-23 102400]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-01-03 521776]
"eAudio"=C:\Acer\Empowering Technology\eAudio\eAudio.exe [2007-10-10 1286144]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-01-02 707080]
"Acer Product Registration"=C:\Program Files\Acer\Acer Registration\ACE1.exe [2007-11-26 3387392]
"Acer Assist Launcher"=C:\Program Files\Acer\Acer Assist\launcher.exe [2007-11-19 1261568]
"PLFSet"=C:\Windows\PLFSet.dll [2007-04-25 45056]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-11-01 582992]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"kdx"=C:\Program Files\Kontiki\KHost.exe [2007-04-23 1032640]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2008-02-18 200704]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-04-11 56080]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"LXCECATS"=rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCEtime.dll []
"lxcemon.exe"=C:\Program Files\Lexmark 4300 Series\lxcemon.exe [2007-05-17 205744]
"EzPrint"=C:\Program Files\Lexmark 4300 Series\ezprint.exe [2007-05-17 103344]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"kdx"=C:\Program Files\Kontiki\KHost.exe [2007-04-23 1032640]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-28 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zzz_ImInstaller_Magentic]
[]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption"
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2008-10-20 23:39:20 ----D---- C:\rsit
2008-10-20 10:45:56 ----D---- C:\Program Files\StumbleUpon
2008-10-14 22:51:39 ----A---- C:\Windows\system32\EncDec.dll
2008-10-14 22:51:33 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-14 22:50:31 ----A---- C:\Windows\system32\mshtml.dll
2008-10-14 22:50:30 ----A---- C:\Windows\system32\urlmon.dll
2008-10-14 22:50:30 ----A---- C:\Windows\system32\ieframe.dll
2008-10-14 22:50:28 ----A---- C:\Windows\system32\wininet.dll
2008-10-14 22:50:28 ----A---- C:\Windows\system32\iertutil.dll
2008-10-14 22:50:27 ----A---- C:\Windows\system32\mstime.dll
2008-10-14 22:50:25 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-14 22:50:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-14 22:50:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-13 23:34:35 ----D---- C:\ProgramData\TEMP
2008-10-13 09:09:08 ----D---- C:\Program Files\Trend Micro
2008-10-09 23:42:17 ----D---- C:\ProgramData\Malwarebytes
2008-10-09 23:42:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-09 22:48:42 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2008-10-09 22:48:26 ----D---- C:\Users\PETE\AppData\Roaming\SUPERAntiSpyware.com
2008-10-09 22:48:26 ----D---- C:\Program Files\SUPERAntiSpyware
2008-10-06 11:09:28 ----A---- C:\Windows\system32\javaws.exe
2008-10-06 11:09:28 ----A---- C:\Windows\system32\javaw.exe
2008-10-06 11:09:27 ----A---- C:\Windows\system32\java.exe
2008-10-06 11:08:38 ----D---- C:\Program Files\Java
2008-10-06 11:08:16 ----D---- C:\Program Files\Common Files\Java
2008-10-02 23:17:26 ----D---- C:\Program Files\Mozilla Firefox
2008-10-01 22:21:32 ----D---- C:\Program Files\Lexmark 4300 Series
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxceutil.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxceusb1.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxceserv.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxceprox.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcepplc.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcepmui.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcelmpm.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcejswr.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxceinst.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxceinsr.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxceinsb.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxceins.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxceinpa.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxceih.exe
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxceiesc.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcehcp.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcehbn3.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcegf.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcecur.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcecub.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcecu.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcecoms.exe
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcecomm.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcecomc.dll
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcecfg.exe
2008-10-01 22:21:20 ----A---- C:\Windows\system32\lxcecfg.dll
2008-09-30 23:15:51 ----D---- C:\ProgramData\Kiwee Toolbar
2008-09-30 23:15:37 ----D---- C:\Users\PETE\AppData\Roaming\agi
2008-09-30 23:15:13 ----D---- C:\Program Files\AGI
2008-09-28 00:29:28 ----D---- C:\Users\PETE\AppData\Roaming\Google
2008-09-28 00:28:42 ----D---- C:\ProgramData\Google
2008-09-28 00:28:25 ----D---- C:\ProgramData\Google Updater
2008-09-28 00:28:23 ----D---- C:\Program Files\Google
2008-09-27 00:55:06 ----D---- C:\Program Files\Common Files\Scanner
2008-09-25 07:21:11 ----D---- C:\Users\PETE\AppData\Roaming\Mozilla
2008-09-23 23:18:14 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-09-23 23:04:19 ----D---- C:\Program Files\Common Files\Adobe
2008-09-23 23:04:18 ----D---- C:\Program Files\Adobe
2008-09-23 23:00:34 ----D---- C:\ProgramData\NOS
2008-09-23 23:00:33 ----D---- C:\Program Files\NOS
2008-09-23 15:27:31 ----SHD---- C:\$RECYCLE.BIN
2008-09-20 11:04:23 ----D---- C:\Users\PETE\AppData\Roaming\Logitech
2008-09-20 11:01:17 ----D---- C:\ProgramData\Logitech
2008-09-20 11:01:16 ----D---- C:\Program Files\Logitech
2008-09-20 11:01:13 ----D---- C:\Program Files\Common Files\Logitech
2008-09-17 13:01:34 ----R---- C:\Windows\bwUnin-8.1.1.50-8876480SL.exe
2008-09-16 20:50:07 ----A---- C:\Windows\system32\KemXML.dll
2008-09-16 20:50:07 ----A---- C:\Windows\system32\KemWnd.dll
2008-09-16 20:50:07 ----A---- C:\Windows\system32\KemUtil.dll
2008-09-16 20:50:07 ----A---- C:\Windows\system32\kemutb.dll
2008-09-16 20:48:09 ----D---- C:\ProgramData\LogiShrd
2008-09-13 07:06:43 ----D---- C:\ProgramData\DriverScanner
2008-09-12 09:42:39 ----D---- C:\Users\PETE\AppData\Roaming\McAfee
2008-09-10 03:36:15 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-09-10 03:36:13 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-09-10 03:36:09 ----A---- C:\Windows\system32\wmpeffects.dll
2008-09-10 03:36:04 ----A---- C:\Windows\system32\emdmgmt.dll
2008-09-10 03:36:03 ----A---- C:\Windows\system32\dataclen.dll
2008-09-10 03:36:02 ----A---- C:\Windows\system32\cdd.dll
2008-09-09 23:31:01 ----RH---- C:\Windows\system32\NTIBUN4.dll
2008-09-09 23:30:02 ----RA---- C:\Windows\system32\msls2.dll
2008-09-09 23:27:36 ----RA---- C:\Windows\system32\hlp95en.dll
2008-09-09 22:05:07 ----RAS---- C:\BOOTSECT.BAK
2008-09-07 11:19:02 ----D---- C:\Users\PETE\AppData\Roaming\NCH Software
2008-09-07 11:17:55 ----D---- C:\ProgramData\NCH Software
2008-09-07 08:11:26 ----D---- C:\Users\PETE\AppData\Roaming\NCH Swift Sound
2008-09-07 08:11:24 ----D---- C:\ProgramData\NCH Swift Sound
2008-09-05 07:04:52 ----D---- C:\Program Files\Windows Live Safety Center
2008-09-04 23:09:48 ----DC---- C:\Windows\system32\DRVSTORE
2008-09-04 23:09:23 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-09-04 23:09:02 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2008-09-04 23:07:25 ----D---- C:\Program Files\Windows Live Toolbar
2008-09-04 23:05:20 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-04 23:05:14 ----D---- C:\Program Files\Windows Live
2008-09-04 23:04:47 ----D---- C:\ProgramData\WLInstaller
2008-09-02 20:14:52 ----D---- C:\ProgramData\Ezprint
2008-09-02 20:14:38 ----D---- C:\Program Files\Lx_cats
2008-09-02 20:04:57 ----D---- C:\drivers
2008-09-01 22:45:19 ----D---- C:\Program Files\ErrorSmart
2008-08-28 22:37:00 ----A---- C:\Windows\system32\wups2.dll
2008-08-28 22:37:00 ----A---- C:\Windows\system32\wucltux.dll
2008-08-28 22:37:00 ----A---- C:\Windows\system32\wuaueng.dll
2008-08-28 22:37:00 ----A---- C:\Windows\system32\wuauclt.exe
2008-08-28 22:36:36 ----A---- C:\Windows\system32\wups.dll
2008-08-28 22:36:36 ----A---- C:\Windows\system32\wudriver.dll
2008-08-28 22:36:36 ----A---- C:\Windows\system32\wuapi.dll
2008-08-28 22:36:25 ----A---- C:\Windows\system32\wuwebv.dll
2008-08-28 22:36:25 ----A---- C:\Windows\system32\wuapp.exe
2008-08-27 23:15:31 ----D---- C:\Users\PETE\AppData\Roaming\Template
2008-08-23 22:50:49 ----N---- C:\junction.exe
2008-08-23 21:55:41 ----D---- C:\ProgramData\Xerox
2008-08-22 23:09:52 ----D---- C:\Users\PETE\AppData\Roaming\SoundSpectrum
2008-08-22 23:08:31 ----D---- C:\Program Files\SoundSpectrum
2008-08-22 20:25:39 ----D---- C:\ProgramData\Kontiki
2008-08-22 20:25:22 ----D---- C:\ProgramData\Sky
2008-08-22 20:25:22 ----D---- C:\Program Files\Sky
2008-08-22 20:25:22 ----D---- C:\Program Files\Kontiki
2008-08-21 23:49:48 ----SHD---- C:\Users\PETE\AppData\Roaming\.#
2008-08-21 11:02:41 ----D---- C:\Users\PETE\AppData\Roaming\Morpheus Software
2008-08-20 20:41:22 ----D---- C:\Program Files\Microsoft Silverlight
2008-08-20 02:50:52 ----D---- C:\Users\PETE\AppData\Roaming\CyberLink
2008-08-20 01:35:48 ----A---- C:\Windows\system32\dunzip32.dll
2008-08-19 23:12:45 ----A---- C:\Windows\AFirst.cmd
2008-08-19 23:12:43 ----A---- C:\Windows\eRy.exe
2008-08-19 23:12:37 ----A---- C:\Windows\SetPanel.ini
2008-08-19 23:12:28 ----A---- C:\Windows\SetSpkDefault.exe
2008-08-19 23:12:26 ----A---- C:\Windows\system32\NETw4r32.dll
2008-08-19 23:12:25 ----A---- C:\Windows\devcon.exe
2008-08-19 23:12:25 ----A---- C:\Windows\CLEANUP.INI
2008-08-19 23:12:25 ----A---- C:\Windows\CLEANUP.CMD
2008-08-19 16:38:34 ----D---- C:\Program Files\McAfee.com
2008-08-19 16:38:32 ----D---- C:\Program Files\Common Files\McAfee
2008-08-19 16:38:25 ----D---- C:\Program Files\McAfee
2008-08-19 16:37:35 ----D---- C:\ProgramData\McAfee
2008-08-19 16:25:22 ----D---- C:\Program Files\Citrix
2008-08-19 15:22:50 ----D---- C:\Users\PETE\AppData\Roaming\Adobe
2008-08-19 15:13:45 ----D---- C:\Program Files\Sky Broadband
2008-08-19 15:06:19 ----D---- C:\Users\PETE\AppData\Roaming\Leadertech
2008-08-19 15:06:19 ----D---- C:\Users\PETE\AppData\Roaming\Acer
2008-08-19 15:05:20 ----D---- C:\Users\PETE\AppData\Roaming\InstallShield
2008-08-19 14:19:12 ----D---- C:\Windows\SoftwareDistribution
2008-08-19 14:18:58 ----D---- C:\Windows\system32\Lang
2008-08-19 14:18:57 ----D---- C:\Windows\system32\x64
2008-08-19 14:18:57 ----A---- C:\Windows\system32\igxpun.exe
2008-08-19 14:18:52 ----A---- C:\Windows\system32\difxapi.dll
2008-08-19 12:58:55 ----A---- C:\Windows\system32\Remove_eRecovery.exe
2008-08-19 12:58:55 ----A---- C:\Windows\system32\LauncheRyAgentUser.exe
2008-08-19 12:58:55 ----A---- C:\Windows\system32\ClearEvent.exe
2008-08-19 12:58:55 ----A---- C:\Windows\system32\CheckD2DSystem.exe
2008-08-19 12:58:55 ----A---- C:\Windows\system32\Acer EULA.txt
2008-08-19 12:58:12 ----D---- C:\Program Files\SUYIN
2008-08-19 12:58:12 ----D---- C:\Program Files\ACER CrystalEye webcam
2008-08-19 12:58:04 ----A---- C:\Windows\system32\tzres.dll
2008-08-19 12:57:05 ----A---- C:\Windows\system32\msshooks.dll
2008-08-19 12:57:05 ----A---- C:\Windows\system32\msscb.dll
2008-08-19 12:57:04 ----D---- C:\Windows\SUYIN NB Cam
2008-08-19 12:57:03 ----D---- C:\Program Files\Common Files\snp2uvc
2008-08-19 12:57:03 ----A---- C:\Windows\system32\vsnp2uvc.dll
2008-08-19 12:57:03 ----A---- C:\Windows\system32\thawbrkr.dll
2008-08-19 12:57:03 ----A---- C:\Windows\system32\srchadmin.dll
2008-08-19 12:57:03 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-08-19 12:57:03 ----A---- C:\Windows\system32\rsnp2uvc.dll
2008-08-19 12:57:03 ----A---- C:\Windows\system32\propsys.dll
2008-08-19 12:57:03 ----A---- C:\Windows\system32\propdefs.dll
2008-08-19 12:57:03 ----A---- C:\Windows\system32\msstrc.dll
2008-08-19 12:57:03 ----A---- C:\Windows\system32\mssprxy.dll
2008-08-19 12:57:03 ----A---- C:\Windows\system32\mssitlb.dll
2008-08-19 12:57:03 ----A---- C:\Windows\system32\msshsq.dll
2008-08-19 12:57:03 ----A---- C:\Windows\system32\korwbrkr.dll
2008-08-19 12:57:03 ----A---- C:\Windows\system32\csnp2uvc.dll
2008-08-19 12:57:02 ----A---- C:\Windows\system32\xmlfilter.dll
2008-08-19 12:57:02 ----A---- C:\Windows\system32\wsepno.dll
2008-08-19 12:57:02 ----A---- C:\Windows\system32\rtffilt.dll
2008-08-19 12:57:02 ----A---- C:\Windows\system32\offfilt.dll
2008-08-19 12:57:02 ----A---- C:\Windows\system32\nlhtml.dll
2008-08-19 12:57:02 ----A---- C:\Windows\system32\mimefilt.dll
2008-08-19 12:57:01 ----A---- C:\Windows\system32\tquery.dll
2008-08-19 12:57:01 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-08-19 12:57:01 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-08-19 12:57:01 ----A---- C:\Windows\system32\mssvp.dll
2008-08-19 12:57:01 ----A---- C:\Windows\system32\mssrch.dll
2008-08-19 12:57:01 ----A---- C:\Windows\system32\mssphtb.dll
2008-08-19 12:57:01 ----A---- C:\Windows\system32\mssph.dll
2008-08-19 12:57:01 ----A---- C:\Windows\system32\msscntrs.dll
2008-08-19 12:57:01 ----A---- C:\Windows\system32\chtbrkr.dll
2008-08-19 12:57:01 ----A---- C:\Windows\system32\chsbrkr.dll
2008-08-19 12:55:47 ----D---- C:\Program Files\Acer
2008-08-19 12:54:23 ----D---- C:\CLSetup
2008-08-19 12:54:23 ----A---- C:\Medion.ini
2008-08-19 12:50:36 ----D---- C:\Program Files\MSXML 4.0
2008-08-19 12:47:06 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-08-19 12:47:02 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-08-19 12:46:49 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-08-19 12:46:38 ----A---- C:\Partition.txt
2008-08-19 12:45:10 ----A---- C:\Windows\system32\shell32.dll
2008-08-19 12:45:05 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-08-19 12:45:02 ----A---- C:\Windows\system32\rpcrt4.dll
2008-08-19 12:45:01 ----A---- C:\Windows\system32\pacerprf.dll
2008-08-19 12:45:00 ----A---- C:\Windows\system32\es.dll
2008-08-19 12:44:44 ----A---- C:\Windows\system32\gdiplus.dll
2008-08-19 12:44:14 ----A---- C:\Windows\system32\fsquirt.exe
2008-08-19 12:43:06 ----A---- C:\Windows\system32\gameux.dll
2008-08-19 12:42:52 ----A---- C:\Windows\system32\kd1394.dll
2008-08-19 12:42:51 ----A---- C:\Windows\system32\winresume.exe
2008-08-19 12:42:51 ----A---- C:\Windows\system32\winload.exe
2008-08-19 12:42:51 ----A---- C:\Windows\system32\ci.dll
2008-08-19 12:42:50 ----A---- C:\Windows\system32\srcore.dll
2008-08-19 12:42:50 ----A---- C:\Windows\system32\srclient.dll
2008-08-19 12:42:50 ----A---- C:\Windows\system32\setbcdlocale.dll
2008-08-19 12:42:49 ----A---- C:\Windows\system32\srdelayed.exe
2008-08-19 12:42:49 ----A---- C:\Windows\system32\rstrui.exe
2008-08-19 12:42:49 ----A---- C:\Windows\system32\kbd106n.dll
2008-08-19 12:42:42 ----D---- C:\Program Files\Launch Manager
2008-08-19 12:42:39 ----A---- C:\Windows\system32\gdi32.dll
2008-08-19 12:42:37 ----A---- C:\Windows\system32\inetcomm.dll
2008-08-19 12:42:35 ----A---- C:\Windows\system32\quartz.dll
2008-08-19 12:42:34 ----A---- C:\Windows\system32\vbscript.dll
2008-08-19 12:42:33 ----A---- C:\Windows\system32\wshext.dll
2008-08-19 12:42:33 ----A---- C:\Windows\system32\wscript.exe
2008-08-19 12:42:33 ----A---- C:\Windows\system32\scrrun.dll
2008-08-19 12:42:33 ----A---- C:\Windows\system32\scrobj.dll
2008-08-19 12:42:33 ----A---- C:\Windows\system32\jscript.dll
2008-08-19 12:42:33 ----A---- C:\Windows\system32\cscript.exe
2008-08-19 12:41:44 ----D---- C:\Users\PETE\AppData\Roaming\Symantec
2008-08-19 12:39:32 ----A---- C:\Windows\system32\acer.exe
2008-08-19 12:39:31 ----D---- C:\Users\PETE\AppData\Roaming\Macromedia
2008-08-19 12:39:19 ----D---- C:\Program Files\Acer Inc
2008-08-19 12:39:08 ----D---- C:\Windows\ACER
2008-08-19 12:38:12 ----SD---- C:\Users\PETE\AppData\Roaming\Microsoft
2008-08-19 12:38:12 ----D---- C:\Users\PETE\AppData\Roaming\Media Center Programs
2008-08-19 12:38:12 ----D---- C:\Users\PETE\AppData\Roaming\Acer GameZone Console

======List of files/folders modified in the last 3 months======

2008-10-20 23:39:37 ----D---- C:\Windows\Prefetch
2008-10-20 23:39:32 ----D---- C:\Windows\Temp
2008-10-20 23:31:24 ----SHD---- C:\Windows\Installer
2008-10-20 23:31:01 ----SHD---- C:\System Volume Information
2008-10-20 23:04:37 ----D---- C:\Windows\System32
2008-10-20 23:04:37 ----D---- C:\Windows\inf
2008-10-20 23:04:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-10-20 18:00:29 ----SD---- C:\Windows\Downloaded Program Files
2008-10-20 10:45:56 ----RD---- C:\Program Files
2008-10-20 07:21:41 ----D---- C:\Windows
2008-10-20 07:12:18 ----D---- C:\Windows\system32\catroot
2008-10-19 21:16:47 ----D---- C:\Windows\system32\drivers
2008-10-15 08:15:46 ----D---- C:\Program Files\Acer GameZone
2008-10-15 08:05:04 ----D---- C:\Program Files\Common Files
2008-10-15 00:08:26 ----D---- C:\Windows\Microsoft.NET
2008-10-15 00:08:04 ----RSD---- C:\Windows\assembly
2008-10-14 23:13:13 ----D---- C:\Windows\winsxs
2008-10-14 23:00:10 ----D---- C:\Windows\ehome
2008-10-14 23:00:10 ----D---- C:\Program Files\Windows Mail
2008-10-14 23:00:07 ----D---- C:\Windows\system32\migration
2008-10-14 22:57:35 ----D---- C:\Windows\system32\catroot2
2008-10-14 22:54:03 ----D---- C:\ProgramData\Microsoft Help
2008-10-14 22:41:38 ----D---- C:\Windows\system32\Msdtc
2008-10-14 22:41:32 ----D---- C:\Windows\system32\wbem
2008-10-14 22:40:52 ----D---- C:\Windows\system32\config
2008-10-14 22:40:29 ----D---- C:\Windows\Tasks
2008-10-14 22:40:29 ----D---- C:\Windows\system32\spool
2008-10-14 22:40:29 ----D---- C:\Windows\system32\CodeIntegrity
2008-10-14 22:40:15 ----D---- C:\Windows\registration
2008-10-13 23:34:35 ----HD---- C:\ProgramData
2008-10-13 20:17:10 ----D---- C:\Windows\system32\Tasks
2008-10-07 12:19:40 ----A---- C:\Windows\system32\mrt.exe
2008-10-06 07:16:14 ----D---- C:\PerfLogs
2008-10-01 22:52:22 ----D---- C:\Program Files\Yahoo!
2008-10-01 21:30:12 ----D---- C:\Windows\system32\Macromed
2008-09-23 23:12:45 ----D---- C:\ProgramData\Adobe
2008-09-20 11:01:14 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-10 04:21:09 ----D---- C:\Windows\AppPatch
2008-09-10 04:16:48 ----D---- C:\Program Files\Microsoft Works
2008-09-10 00:33:09 ----D---- C:\Windows\Logs
2008-09-04 23:07:15 ----D---- C:\Program Files\Common Files\microsoft shared
2008-09-03 07:01:53 ----D---- C:\Windows\system32\WDI
2008-09-02 20:13:15 ----D---- C:\Windows\twain_32
2008-09-01 23:13:23 ----D---- C:\Windows\rescache
2008-08-29 09:26:03 ----D---- C:\Windows\system32\en-US
2008-08-26 14:57:17 ----D---- C:\ProgramData\CyberLink
2008-08-23 22:50:52 ----D---- C:\Program Files\Acer Arcade Deluxe
2008-08-22 19:53:11 ----SD---- C:\ProgramData\Microsoft
2008-08-20 06:31:32 ----D---- C:\Windows\system32\NDF
2008-08-20 01:51:02 ----D---- C:\Windows\Debug
2008-08-19 23:12:25 ----D---- C:\DRV
2008-08-19 16:31:22 ----SD---- C:\Windows\system32\Microsoft
2008-08-19 15:31:15 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-08-19 15:29:11 ----D---- C:\ProgramData\Symantec
2008-08-19 15:07:12 ----A---- C:\Windows\Alaunch.ini
2008-08-19 15:07:05 ----D---- C:\Windows\system32\OEM
2008-08-19 15:07:05 ----D---- C:\Acer
2008-08-19 14:23:13 ----D---- C:\Windows\Panther
2008-08-19 13:01:22 ----D---- C:\Windows\PolicyDefinitions
2008-08-19 13:01:18 ----D---- C:\Windows\system32\Boot
2008-08-19 12:40:24 ----D---- C:\Intel
2008-08-19 12:38:49 ----D---- C:\Windows\system32\restore
2008-08-19 12:38:01 ----RD---- C:\Users
2008-08-19 12:37:07 ----D---- C:\Windows\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-02-18 61424]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-01-23 12672]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-01-03 16432]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-01-03 59952]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2008-01-23 8704]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-20 19456]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-20 92160]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-28 29184]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-01-23 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-01-23 208384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-23 1950552]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2007-11-22 33832]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-30 2252800]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-02-05 6144]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-20 49664]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-20 88576]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-06-12 1729152]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-20 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-23 192816]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-01-23 660480]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2008-01-23 43008]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-20 11264]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-23 179712]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-28 220160]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-20 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-20 2225664]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-01-30 7629504]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-20 35328]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2006-09-19 80744]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-01-23 277784]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-20 21504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-01-03 506416]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-10-01 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-12-20 131072]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-17 168432]
R2 KService;KService; C:\Program Files\Kontiki\KService.exe [2007-04-23 3068352]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 lxce_device;lxce_device; C:\Windows\system32\lxcecoms.exe [2007-03-08 537520]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\program files\common files\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-11-27 110592]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee SpamKiller Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-11-26 23880]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-12-03 266343]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2007-09-28 233472]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-20 167936]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2008-01-23 386560]
R3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------
Here is my info log, sorry if it's the wrong way round how I have put them together!!!

info.txt logfile of random's system information tool 1.04 2008-10-20 23:39:40

======Uninstall list======

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31403E22-2FDB-452F-AE9E-20854633226D}\SetXX.exe" -uninst
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Acer Arcade Deluxe-->C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\Setup.exe -uninstall
Acer Assist-->C:\Program Files\Acer\Acer Assist\uninstall.exe
Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0009 -removeonly -u
Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-4878-B75C-77589151B563}\setup.exe -runfromtemp -l0x0009 -removeonly
Acer eAudio Management-->"C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.exe" -uninstall
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x9 -removeonly
Acer Empowering Technology-->"C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -runfromtemp -l0x0009 -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x9 -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x9 -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x9 -removeonly
Acer eSettings Management-->"C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -runfromtemp -l0x0009 -removeonly
Acer GameZone Console 2.0.1.1-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"
Acer GridVista-->C:\Windows\GVUni.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x9 -removeonly
Acer Registration-->C:\Program Files\Acer\Acer Registration\uninstall.exe
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer VCM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -l0x9 -removeonly
Acrobat.com-->msiexec /qb /x {77DCDCE3-2DED-62F3-8154-05E745472D07}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}
CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
G-Force-->C:\Program Files\SoundSpectrum\G-Force\Uninstall.exe
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -IAcrZUn32z.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
Launch Manager-->C:\Windows\UnInst32.exe QtZgAcer.UNI
Lexmark 4300 Series-->C:\Program Files\Lexmark 4300 Series\Install\x86\Uninst.exe
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x9 UNINSTALL
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x0009 -removeonly
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe" -removeonly
NTI Backup NOW! 4.7-->C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe -runfromtemp -l0x0409
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1033 CDM7
Orion-->MsiExec.exe /X{0BF78E88-A7C9-4406-89CF-0BA473BA7821}
PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\Setup.exe" -l0x9 anything
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Sky Anytime-->MsiExec.exe /X{DD30C2FD-F485-46A8-8153-88EC2650BC79}
Sky Broadband-->MsiExec.exe /I{14C35072-D7D0-4B29-B5BF-C94E426D77E9}
StumbleUpon IE Toolbar-->C:\Program Files\StumbleUpon\uninstall.exe
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
WhiteCap-->C:\Program Files\SoundSpectrum\WhiteCap\Uninstall.exe
Winbond CIR Drivers-->MsiExec.exe /X{427967BF-09F8-46D5-9275-37001CCBBA5D}
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Mail-->MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Photo Gallery-->MsiExec.exe /X{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live Writer-->MsiExec.exe /X{9176251A-4CC1-4DDB-B343-B487195EB397}

======Security center information======

AS: Windows Defender

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Acer\Empowering Technology\eDataSecurity\;C:\Acer\Empowering Technology\eDataSecurity\x86;C:\Acer\Empowering Technology\eDataSecurity\x64
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE

-----------------EOF-----------------
I'm sure this is right. Please let me know if I have done anything wrong, as this is the first time I have ever cut/copy/pasted...
peterh1
Active Member
 
Posts: 7
Joined: October 13th, 2008, 4:21 am

Re: trojan "unassigned/ic killer

Unread postby Katana » October 22nd, 2008, 9:36 am

peterh1 wrote: here is my post with log, not sure which one, sorry and thanks once again!!!

That's fine thanks :)

A couple of questions before we continue ...

I noticed your thread at PC Advisor, hXXp://www.pcadvisor.co.uk/forums/index.cfm?action=showthread&threadid=338779&forumid=20
You are recommended to run MalwareBytes AntiMalware, did you use this at all?
You mention "as of yet is has not reared up on me so must hav been and gone", does this mean that you are not having any problems at the moment?
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: trojan "unassigned/ic killer

Unread postby peterh1 » October 22nd, 2008, 4:59 pm

Yes, I ran Malwarebytes last week and it picked up 8 adware cookies, so I chose to remove them. Also I have been having problems on chat windows on Facebook and MSN Messenger, and my Acer Empowering Technology is not responding when I start my computer and then kicks in after a while. Also my C drive kicks in for no reason when I'm checking e-mail and stuff... It sounds like a Boeing 747 at times when I'm not even doing anything... The HackerWatch port info still gives the same response, unassigned/ic-killer-trojan. So am I right in saying it is still there, or has it been and gone? I did everything that PC Advisor told me to do, right to the letter, Katana. I was then told to post my HijackThis logs here, and the rest is history, cos here we are. Thanks again, and have I done the right thing or not..?
peterh1
Active Member
 
Posts: 7
Joined: October 13th, 2008, 4:21 am

Re: trojan "unassigned/ic killer

Unread postby Katana » October 22nd, 2008, 5:56 pm

peterh1 wrote: 1) yes I ran Malwarebytes last week
2) HackerWatch port info still gives the same response, unassigned/ic-killer-trojan.
3) thanks again, and have I done the right thing or not..?


1) That's fine, it's just that I can't see it installed now.
2) Is that old information, or is it still happening, i.e. have you cleared the logs?
3) You are doing fine :thumbup:


Download and Run ComboFix (by sUBs)
Please visit this webpage for instructions for downloading and running ComboFix:

Bleeping Computer ComboFix Tutorial

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper.
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: trojan "unassigned/ic killer

Unread postby peterh1 » October 23rd, 2008, 3:26 am

I'm not sure how to run ComboFix and stuff, so I'm going to contact the TechGuys in a while and get help installing it and running it. I uninstalled Malwarebytes from my programs, and last night I did another full scan of the C, D and E drives and it came up with nothing, so I uninstalled it again. I will get the HijackThis logs done and posted when I have run ComboFix and posted the logs. I know I've done wrong and shouldn't have run the Malwarebytes scanner again, but I just wanted to be sure it wasn't showing what my HackerWatch reports were telling me. SORRY... I will get the rest done and get back to you with the logs. I'm a bit wary of running ComboFix on my own, as it says it could harm my computer, basically, if I don't know what I'm doing, and I don't, so I will get some help off the TechGuys. 100 pounds a year ain't going to waste then, ha ha. Thanks for your help, Mr P Harrison
peterh1
Active Member
 
Posts: 7
Joined: October 13th, 2008, 4:21 am

Re: trojan "unassigned/ic killer

Unread postby peterh1 » October 23rd, 2008, 5:15 pm

Sorry for wasting your time!!! One of the TechGuys has had a good look into my system and says the port information on my McAfee HackerWatch is not saying I have the trojan, but that's where they can get into my computer in general. So sorry, and thank you very, very much for your help. Where do I make a donation? Because I think you guys do a great job helping people. Once again, sorry, my mistake???
peterh1
Active Member
 
Posts: 7
Joined: October 13th, 2008, 4:21 am

Re: trojan "unassigned/ic killer

Unread postby Katana » October 23rd, 2008, 6:02 pm

Checking to make sure you are clean when there is unexplained behaviour is never a waste of time :)
Thanks for letting us know :thumbup:

Donations are always appreciated, thank you very much
http://malwareremoval.com/donations.php



Congratulations, your logs look clean :)

Let's see if I can help you keep it that way

First let's tidy up


Please delete the following
    RSIT.exe
    C:\RSIT (folder)

Delete any logs we have produced and empty your Recycle bin


----------------------------------------------------------- ----------------------------------------------------------- -----------------------------------------------------------


The following is some info to help you stay safe and clean.
(Vista users must ensure that any programs are Vista compatible BEFORE installing)

You may already have some of the following programs, but I include the full list for the benefit of all the other people who will be reading this thread in the future.

Online Scanners
I would recommend a scan at one or more of the following sites at least once a month.

http://www.pandasecurity.com/activescan
http://www.kaspersky.com/kos/eng/partne ... bscan.html

!!! Make sure that all your programs are updated !!!
Secunia Software Inspector does all the work for you, .... see HERE for details

AntiSpyware
    AntiSpyware is not the same thing as Antivirus.
    Different AntiSpyware programs detect different things, so in this case it is recommended that you have more than one.
    You should only have one running all the time, the other/s should be used "on demand" on a regular basis.
    Most of the programs in this list have free (for Home Users) and paid versions;
    it is worth paying for one and having "realtime" protection, unless you intend to do a manual scan often.
  • Spybot - Search & Destroy <<< A must have program
    • It includes host protection and registry protection
    • A hosts file is a bit like a phone book, it points to the actual numeric address (i.e. the IP address) from the human friendly name of a website. This feature can be used to block malicious websites
  • MalwareBytes Anti-malware <<< A New and effective program
  • a-squared Free <<< A good "realtime" or "on demand" scanner
  • superantispyware <<< A good "realtime" or "on demand" scanner

Prevention
    These programs don't detect malware, they help stop it getting on your machine in the first place.
    Each does a different job, so you can have more than one
  • Winpatrol
    • An excellent startup manager and then some !!
    • Notifies you if programs are added to startup
    • Allows delayed startup
    • A must have addition
  • SpywareBlaster 4.0
    • SpywareBlaster sets killbits in the registry to prevent known malicious activex controls from installing themselves on your computer.
  • SpywareGuard 2.2
    • SpywareGuard provides real-time protection against spyware.
    • Not required if you have other "realtime" antispyware or Winpatrol
  • ZonedOut
    • Formerly known as IE-SPYAD, adds a long list of sites and domains associated with known advertisers and marketers to the Restricted sites zone of Internet Explorer.
  • MVPS HOSTS
    • This little program packs a powerful punch as it blocks ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
    • For information on how to download and install, please read this tutorial by WinHelp2002.
    • Not required if you are using other host file protections

Internet Browsers
    Microsoft has worked hard to make IE7 a more secure browser; unfortunately, whilst it is still the leading browser of choice it will always be under attack from the bad guys.
    Using a different web browser can help stop malware getting on your machine.
    • Make your Internet Explorer more secure - This can be done by following these simple instructions:
      1. From within Internet Explorer click on the Tools menu and then click on Options.
      2. Click once on the Security tab
      3. Click once on the Internet icon so it becomes highlighted.
      4. Click once on the Custom Level button.
        • Change the Download signed ActiveX controls to Prompt
        • Change the Download unsigned ActiveX controls to Disable
        • Change the Initialise and script ActiveX controls not marked as safe to Disable
        • Change the Installation of desktop items to Prompt
        • Change the Launching programs and files in an IFRAME to Prompt
        • Change the Navigate sub-frames across different domains to Prompt
        • When all these settings have been made, click on the OK button.
        • If it prompts you as to whether or not you want to save the settings, press the Yes button.
      5. Next press the Apply button and then the OK to exit the Internet Properties page.
    If you are still using IE6 then either update, or get one of the following.
    • FireFox
      • With many addons available that make customization easy this is a very popular choice
      • NoScript and AdBlockPlus addons are essential
    • Opera
      • Another popular alternative
    • Netscape
      • Another popular alternative
      • Also has Addons available

Cleaning Temporary Internet Files and Tracking Cookies
    Temporary Internet Files are mainly the files that are downloaded when you open a web page.
    Unfortunately, if the site you visit is of a dubious nature or has been hacked, they can also be an entry point for malware.
    It is a good idea to empty the Temporary Internet Files folder on a regular basis.

    Tracking Cookies are files that websites use to monitor which sites you visit and how often.
    A lot of Antispyware scanners pick up these tracking cookies and flag them as unwanted.
    CAUTION :- If you delete all your cookies you will lose any autologin information for sites that you visit, and will need your passwords

    Both of these can be cleaned manually, but a quicker option is to use a program
  • ATF Cleaner
    • Free and very simple to use
  • CCleaner
    • Free and very flexible, you can choose which cookies to keep

Also PLEASE read this article.....So How Did I Get Infected In The First Place

The last and most important thing I can tell you is UPDATE.
If you don't update your security programs (Antivirus, Antispyware even Windows) then you are at risk.
Malware changes on a day to day basis. You should update every week at the very least.

If you follow this advice then (with a bit of luck) you will never have to hear from me again :D


If you could post back one more time to let me know everything is OK, then I can have this thread archived.

Happy surfing K'
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: trojan "unassigned/ic killer

Unread postby peterh1 » October 24th, 2008, 5:43 pm

Katana, thank you very much, my friend, for your great wealth of knowledge and support. I'm currently in the process of sorting my Internet Explorer out and setting it up how you advised me. Also thank you for the advice on spyware and adware blockers and temp file cleaners. I'm truly grateful for your help and advice, you guys are one in a million. THANK YOU VERY MUCH... Mr P Harrison.
peterh1
Active Member
 
Posts: 7
Joined: October 13th, 2008, 4:21 am

Re: trojan "unassigned/ic killer

Unread postby Gary R » October 25th, 2008, 6:10 pm

This topic is now closed.

If you are the originator of this topic, and you need it re-opened please send an email to 'admin at malwareremoval.com', including a link to this topic.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read Donations For Malware Removal

Please do not contact us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.

Gary R
Gary R
Administrator
 
Posts: 21868
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire