Advertisement
Advertisement
 Search | |
| |
28-Jul-2012, 01:28 PM
#1 | ||||||
| Funmoods + Babylon Probs (Chrome+) Hi  I have the Funmoods & Babylon probs - I tried the conventional uninstall programs + browser settings etiquette, but I'm still having issues with Google Chrome (my main browser). Using a 64-bit OS. Thanks for your help! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:22:24 AM, on 7/28/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Users\JL\Desktop\HijackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=adk...B&cr=425798436 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 O4 - HKLM\..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O20 - AppInit_DLLs: C:\Windows\SysWOW64\appinit_dll.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.28\AsusFanControlService.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10099 bytes . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by JL at 10:22:44 on 2012-07-28 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8145.6340 [GMT -7:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.28\AsusFanControlService.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Windows\system32\IProsetMonitor.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\taskeng.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\JL\Desktop\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank mStart Page = hxxp://start.funmoods.com/?f=1&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtD0AtCzy0DtC0Dzyzy0E tDtN0D0Tzu0CtBtDzytN1L2XzutBtFtCtFtCtFtAtCtB&cr=425798436 mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{FC7ED8C4-89D8-408E-B760-D05729A4236D} : DhcpNameServer = 192.168.1.1 AppInit_DLLs: C:\Windows\SysWOW64\appinit_dll.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll BHO-X64: WeCareReminder - No File mRun-x64: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 mRun-x64: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray AppInit_DLLs-X64: C:\Windows\SysWOW64\appinit_dll.dll . ============= SERVICES / DRIVERS =============== . R0 asahci64;asahci64;C:\Windows\system32\DRIVERS\asahci64.sys --> C:\Windows\system32\DRIVERS\asahci64.sys [?] R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\system32\DRIVERS\iusb3hcs.sys --> C:\Windows\system32\DRIVERS\iusb3hcs.sys [?] R1 ndisrd;WinpkFilter LightWeight Filter;C:\Windows\system32\DRIVERS\ndisrd.sys --> C:\Windows\system32\DRIVERS\ndisrd.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-3 63928] R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2011-10-28 918448] R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-2-2 951936] R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2012-5-6 586880] R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.28\AsusFanControlService.exe [2012-5-6 1492912] R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-6 13592] R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936] R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?] R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-5-6 161560] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-15 655944] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272] R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-5-6 363800] R3 ASEUSBCC;ASEUSBCC;C:\Windows\system32\drivers\AseUSBCC.sys --> C:\Windows\system32\drivers\AseUSBCC.sys [?] R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?] R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?] R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?] R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-5-6 160768] R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\system32\DRIVERS\ICCWDT.sys --> C:\Windows\system32\DRIVERS\ICCWDT.sys [?] R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\iusb3hub.sys --> C:\Windows\system32\DRIVERS\iusb3hub.sys [?] R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\DRIVERS\iusb3xhc.sys --> C:\Windows\system32\DRIVERS\iusb3xhc.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2012-4-19 10568] R3 VirtuWDDM;VirtuWDDM;C:\Windows\system32\DRIVERS\VirtuWDDM.sys --> C:\Windows\system32\DRIVERS\VirtuWDDM.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-5-6 1262400] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-9 250056] S3 cphs;Intel(R) Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-5-6 274200] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-5-10 1432400] S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-07-28 16:58:32 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{769F5E7F-A21C-42C9-B7D1-EE3352F78B07}\offreg.dll 2012-07-28 05:16:36 -------- d-----w- C:\Program Files (x86)\VideoLAN 2012-07-28 05:15:36 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microso ft.MediaCenter.Sports.UI.dll 2012-07-28 05:15:22 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup .dll 2012-07-28 05:15:12 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2012-07-28 05:15:04 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\Spotlight Resources.dll 2012-07-28 05:10:52 -------- d-----w- C:\ProgramData\Tarma Installer 2012-07-28 05:10:24 -------- d-----w- C:\ProgramData\Babylon 2012-07-28 01:34:39 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{769F5E7F-A21C-42C9-B7D1-EE3352F78B07}\mpengine.dll 2012-07-26 04:16:19 -------- d-----w- C:\Users\JL\AppData\Roaming\GrabIt 2012-07-26 04:15:52 -------- d-----w- C:\Program Files (x86)\GrabIt 2012-07-12 05:04:29 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-12 01:33:32 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll . ==================== Find3M ==================== . 2012-07-28 16:46:46 1048576 ----a-w- C:\Windows\PE_Rom.dll 2012-07-28 03:18:04 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-28 03:18:04 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-03 20:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-03 19:12:23 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll 2012-06-03 18:56:45 1142 ----a-w- C:\Windows\SysWow64\ealregsnapshot1.reg 2012-06-03 18:50:56 103736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2012-06-03 18:50:51 669184 ----a-w- C:\Windows\SysWow64\pbsvc.exe 2012-06-03 18:50:51 66872 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2012-06-02 22:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-05-31 19:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-05-15 10:48:00 949056 ----a-w- C:\Windows\System32\nvumdshimx.dll 2012-05-15 09:29:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe 2012-05-15 09:29:46 63296 ----a-w- C:\Windows\System32\nvshext.dll 2012-05-15 09:29:46 118080 ----a-w- C:\Windows\System32\nvmctray.dll 2012-05-15 09:29:45 2621723 ----a-w- C:\Windows\System32\nvcoproc.bin 2012-05-15 09:29:25 3149632 ----a-w- C:\Windows\System32\nvsvc64.dll 2012-05-15 09:28:42 6151488 ----a-w- C:\Windows\System32\nvcpl.dll 2012-05-15 09:21:50 423744 ----a-w- C:\Windows\SysWow64\nvStreaming.exe 2012-05-08 02:39:33 21840 ----a-w- C:\Windows\SysWow64\SIntfNT.dll 2012-05-08 02:39:33 17212 ----a-w- C:\Windows\SysWow64\SIntf32.dll 2012-05-08 02:39:33 12067 ----a-w- C:\Windows\SysWow64\SIntf16.dll 2012-05-08 02:26:05 94208 ----a-w- C:\Windows\DIIUnin.exe 2012-05-08 02:26:05 2829 ----a-w- C:\Windows\DIIUnin.pif 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll . ============= FINISH: 10:22:52.13 =============== |
30-Jul-2012, 10:54 AM
#5 | ||||||||
| Hi. Sorry for the delay. I notice you don't have an antivirus software installed. It is critical to have one installed to ensure your computer is free from any virus infections. Install Antivirus An anti-virus is essential in keeping your computer safe while surfing the Internet. Please install a (ONE) free anti-virus program from one of the links below: Update It after the installation is complete please and keep it up to date at all times. Next:
I would now like you to run a program called OTL which will scan your machine and produce a log. This will enable me to analyse your machine thoroughly.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTL.Txt and the Extras.txt in your next reply. |
04-Aug-2012, 11:41 AM
#7 | ||||||
| Yes Jimbo - here's the contents of the OTL reports (and I installed MS Security Essentials + I have Malwarebytes installed as well). OTL logfile created on: 8/4/2012 8:39:14 AM - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\JL\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.95 Gb Total Physical Memory | 6.09 Gb Available Physical Memory | 76.54% Memory free 7.95 Gb Paging File | 5.79 Gb Available in Paging File | 72.83% Paging File free Paging file location(s): [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 119.14 Gb Total Space | 35.15 Gb Free Space | 29.50% Space Free | Partition Type: NTFS Drive D: | 6.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: JL-PC | User Name: JL | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/08/04 08:38:43 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\JL\Desktop\OTL.exe PRC - [2012/07/13 17:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/06/03 11:50:51 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012/04/19 02:13:50 | 000,405,832 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe PRC - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/02/08 19:10:34 | 001,111,680 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe PRC - [2012/02/08 14:05:50 | 003,111,552 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe PRC - [2012/02/07 21:37:27 | 001,492,912 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.28\AsusFanControlService.exe PRC - [2012/02/02 15:20:32 | 000,889,984 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe PRC - [2012/02/02 02:56:35 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe PRC - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2012/02/01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2012/01/20 16:29:28 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012/01/20 16:29:26 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012/01/20 11:45:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe PRC - [2012/01/10 09:39:40 | 001,501,824 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe PRC - [2012/01/04 12:59:50 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2011/12/30 18:42:50 | 001,153,664 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe PRC - [2011/10/31 09:57:48 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe PRC - [2011/10/28 18:59:26 | 000,918,448 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe PRC - [2010/11/26 21:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe PRC - [2010/11/20 20:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe PRC - [2010/10/21 02:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe ========== Modules (No Company Name) ========== MOD - [2012/07/13 17:17:14 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012/06/16 08:29:52 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8ab16b2721684612a 1c9053401797082\IAStorUtil.ni.dll MOD - [2012/06/13 18:09:05 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe6 51c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012/06/13 18:09:02 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f8773 6d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012/05/16 18:02:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80 574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012/05/16 18:02:51 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d4 9b407b93663bfed\System.Xml.ni.dll MOD - [2012/05/16 18:02:49 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673 d948179195c\System.ni.dll MOD - [2012/05/16 18:02:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c50 6bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012/05/16 18:02:46 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a35 9778ea57d914c\mscorlib.ni.dll MOD - [2012/05/15 02:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2012/04/19 02:13:50 | 000,405,832 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe MOD - [2012/04/10 02:32:54 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll MOD - [2012/04/10 02:32:50 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll MOD - [2012/04/10 02:32:40 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll MOD - [2012/04/10 02:32:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll MOD - [2012/04/10 02:32:34 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll MOD - [2012/02/03 10:12:22 | 001,122,304 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll MOD - [2012/02/02 15:12:48 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll MOD - [2012/01/20 10:17:16 | 000,150,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll MOD - [2012/01/19 09:39:30 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll MOD - [2011/12/29 20:45:12 | 001,296,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll MOD - [2011/12/29 02:13:20 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll MOD - [2011/12/28 11:18:44 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll MOD - [2011/09/26 19:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll MOD - [2011/09/26 18:37:26 | 001,616,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll MOD - [2011/09/20 18:11:28 | 000,985,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll MOD - [2011/09/08 15:23:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll MOD - [2011/06/08 11:15:44 | 000,651,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\ThermalRadar.dll MOD - [2011/04/30 08:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll MOD - [2010/09/23 11:51:36 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll MOD - [2010/08/22 19:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll MOD - [2010/02/25 14:01:30 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsZip.dll MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/05/10 20:40:52 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2012/01/10 21:01:52 | 000,627,936 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) Capability Licensing Service Interface) Intel(R) SRV:64bit: - [2011/08/15 17:38:50 | 000,178,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R) PROSet Monitoring Service) Intel(R) SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/07/27 20:18:04 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/07/13 17:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/07/04 07:57:13 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/06/03 11:50:51 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012/05/15 03:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/02/07 21:37:27 | 001,492,912 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.28\AsusFanControlService.exe -- (AsusFanControlService) SRV - [2012/02/02 02:56:35 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc) SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2012/01/20 16:29:28 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2012/01/20 16:29:26 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2012/01/20 11:45:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) Intel(R) SRV - [2011/12/21 03:04:42 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R) SRV - [2011/10/28 18:59:26 | 000,918,448 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe -- (asComSvc) SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) Intel(R) Integrated Clock Controller Service - Intel(R) SRV - [2010/10/21 02:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/04/18 10:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012/03/25 17:55:22 | 000,066,336 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM) DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012/03/09 10:57:36 | 000,023,816 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2012/01/06 10:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64) DRV:64bit: - [2012/01/04 12:58:50 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) Intel(R) DRV:64bit: - [2012/01/04 12:58:50 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) Intel(R) DRV:64bit: - [2012/01/04 12:58:50 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) Intel(R) DRV:64bit: - [2011/12/15 02:01:08 | 014,646,560 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011/12/05 12:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2011/11/10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2011/11/03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci) DRV:64bit: - [2011/11/03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3) DRV:64bit: - [2011/08/12 03:13:36 | 000,032,360 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd) DRV:64bit: - [2011/07/19 18:37:56 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R) DRV:64bit: - [2011/05/23 08:39:28 | 000,016,384 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AseUSBCC.sys -- (ASEUSBCC) DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/08/17 10:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT) Intel(R) Watchdog Timer Driver (Intel(R) WDT) DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2012/04/19 02:13:50 | 000,010,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64) DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=adk...B&cr=425798436 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.ph...B&cr=425798436 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=adk...B&cr=425798436 IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.ph...B&cr=425798436 IE - HKLM\..\SearchScopes\{5046F975-4B67-2AF5-365B-075B1563CDDD}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1D 02 11 D9 87 2D CD 01 [binary data] IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={search...00c86000a19d1d IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\..\SearchScopes\{5046F975-4B67-2AF5-365B-075B1563CDDD}: "URL" = http://www.bing.com/search?q={search...ox&FORM=IE8SRC IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\JL\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\JL\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\JL\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\JL\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/28 17:43:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/28 17:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JL\AppData\Roaming\Mozilla\Extensions [2012/07/28 17:43:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/07/13 17:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/07/13 17:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/07/13 17:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggesti on}{google  riginalQueryForSuggestion}{google:searchFieldtrialParameter}sou rceid=chrome&ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chro me&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\JL\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNa ClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\JL\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\JL\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dl l CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Google Update (Enabled) = C:\Users\JL\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: YouTube = C:\Users\JL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\JL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: We-Care Reminder = C:\Users\JL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.25_0\ CHR - Extension: Gmail = C:\Users\JL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [VIRTU MVP] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe () O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC7ED8C4-89D8-408E-B760-D05729A4236D}: DhcpNameServer = 192.168.1.1 O20:64bit: - AppInit_DLLs: (C:\Windows\system32\appinit_dll.dll) - C:\Windows\SysNative\appinit_dll.dll (Lucidlogix Inc.) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\appinit_dll.dll) - C:\Windows\SysWOW64\appinit_dll.dll (Lucidlogix Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/05/10 20:31:39 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2007/10/24 15:38:50 | 000,000,000 | ---D | M] - D:\autorun -- [ CDFS ] O32 - AutoRun File - [2007/07/19 07:53:44 | 000,000,058 | R--- | M] () - D:\Autorun.inf -- [ CDFS ] O32 - AutoRun File - [2007/10/24 15:11:40 | 004,318,432 | R--- | M] (Crytek) - D:\AutoRunCD.exe -- [ CDFS ] O33 - MountPoints2\{3f38a9f1-9b29-11e1-a7b0-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{3f38a9f1-9b29-11e1-a7b0-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRunCD.exe -- [2007/10/24 15:11:40 | 004,318,432 | R--- | M] (Crytek) O33 - MountPoints2\{67bc0564-97f3-11e1-b340-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{67bc0564-97f3-11e1-b340-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2007/10/24 15:55:21 | 000,316,640 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/08/04 08:38:43 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\JL\Desktop\OTL.exe [2012/08/04 08:34:33 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/08/04 08:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2012/08/04 08:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2012/07/28 17:44:28 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Local\Macromedia [2012/07/28 17:43:44 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Roaming\Mozilla [2012/07/28 17:43:44 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Local\Mozilla [2012/07/28 17:43:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012/07/28 17:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012/07/28 10:20:54 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\JL\Desktop\dds.com [2012/07/28 10:12:07 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\JL\Desktop\HijackThis.exe [2012/07/27 22:16:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2012/07/27 22:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2012/07/27 22:10:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012/07/27 22:10:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2012/07/25 21:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012/07/25 21:55:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip [2012/07/25 21:16:19 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Roaming\GrabIt [2012/07/25 21:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt [2012/07/25 21:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GrabIt [2012/07/11 22:03:31 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/07/11 22:03:31 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/07/11 22:03:30 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/07/11 22:03:30 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/07/11 22:03:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/07/11 22:03:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/07/11 22:03:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/07/11 22:03:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/07/11 22:03:29 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/07/11 22:03:29 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/07/11 22:03:29 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/07/11 22:03:29 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/07/11 22:03:29 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/07/11 18:33:32 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012/07/11 18:33:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012/07/11 18:33:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012/07/11 18:33:31 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012/07/11 18:33:31 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/08/04 08:39:34 | 000,795,854 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/08/04 08:39:34 | 000,671,110 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/08/04 08:39:34 | 000,126,196 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/08/04 08:38:43 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\JL\Desktop\OTL.exe [2012/08/04 08:37:18 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/04 08:37:18 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/04 08:36:17 | 000,000,000 | ---- | M] () -- C:\Windows\Path.idx [2012/08/04 08:34:34 | 000,002,315 | ---- | M] () -- C:\Users\JL\Desktop\Google Chrome.lnk [2012/08/04 08:32:12 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif [2012/08/04 08:32:08 | 000,809,512 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/08/04 08:31:14 | 001,048,576 | ---- | M] () -- C:\Windows\PE_Rom.dll [2012/08/04 08:30:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/08/02 19:30:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1000UA.job [2012/08/02 19:20:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1002UA.job [2012/08/02 19:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/08/02 18:30:00 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1000Core.job [2012/07/28 17:43:42 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/07/28 14:20:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1002Core.job [2012/07/28 10:20:54 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\JL\Desktop\dds.com [2012/07/28 10:12:07 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\JL\Desktop\HijackThis.exe [2012/07/28 09:49:03 | 000,001,254 | ---- | M] () -- C:\Users\JL\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/07/27 22:10:50 | 000,000,258 | RHS- | M] () -- C:\Users\JL\ntuser.pol [2012/07/27 22:10:35 | 000,000,304 | ---- | M] () -- C:\user.js [2012/07/27 20:18:04 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/07/27 20:18:04 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/07/15 10:54:30 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/07/12 18:56:18 | 000,283,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/07/05 18:45:50 | 000,001,139 | ---- | M] () -- C:\Windows\MB.idx [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/08/04 08:34:34 | 000,002,315 | ---- | C] () -- C:\Users\JL\Desktop\Google Chrome.lnk [2012/08/04 08:32:12 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif [2012/08/04 08:32:09 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2012/07/28 18:20:11 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1000UA.job [2012/07/28 18:20:11 | 000,000,844 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1000Core.job [2012/07/28 17:43:42 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012/07/28 17:43:42 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/07/27 22:10:50 | 000,000,258 | RHS- | C] () -- C:\Users\JL\ntuser.pol [2012/07/27 22:10:35 | 000,000,304 | ---- | C] () -- C:\user.js [2012/07/15 10:54:30 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/06/04 18:35:39 | 000,000,090 | ---- | C] () -- C:\Users\JL\AppData\Local\fusioncache.dat [2012/06/03 11:50:52 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012/06/03 11:50:51 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012/06/03 11:50:51 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012/05/16 18:15:43 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini [2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012/05/13 17:45:03 | 000,003,072 | ---- | C] () -- C:\Users\JL\AppData\Local\file__0.localstorage [2012/05/10 20:36:50 | 000,809,512 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/05/07 19:39:33 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2012/05/07 19:39:33 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2012/05/07 19:39:33 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2012/05/07 19:26:06 | 000,038,333 | ---- | C] () -- C:\Windows\DIIUnin.dat [2012/05/06 21:24:16 | 012,985,344 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll [2012/05/06 21:24:16 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin [2012/05/06 21:24:16 | 000,479,528 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin [2012/05/06 21:24:16 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012/05/06 21:20:05 | 001,048,576 | ---- | C] () -- C:\Windows\PE_Rom.dll [2012/05/06 20:49:36 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2012/05/06 20:49:28 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2012/05/06 20:37:03 | 000,054,764 | ---- | C] () -- C:\Windows\Ascd_log.ini [2012/05/06 20:35:11 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012/05/06 20:35:05 | 000,041,687 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2012/01/10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2011/09/19 06:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll [2011/04/10 20:34:56 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config ========== Alternate Data Streams ========== @Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:322D2CD3 < End of report > OTL Extras logfile created on: 8/4/2012 8:39:14 AM - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\JL\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.95 Gb Total Physical Memory | 6.09 Gb Available Physical Memory | 76.54% Memory free 7.95 Gb Paging File | 5.79 Gb Available in Paging File | 72.83% Paging File free Paging file location(s): [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 119.14 Gb Total Space | 35.15 Gb Free Space | 29.50% Space Free | Partition Type: NTFS Drive D: | 6.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: JL-PC | User Name: JL | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\FirewallRules] "{2A1CB198-74C2-4433-8591-E779C1A3F53B}" = lport=138 | protocol=17 | dir=in | app=system | "{32E444A1-2E45-45F2-BE79-A7A3AF840713}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{4463DAE8-72A0-466D-A5EC-AE796E63235B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4720E570-9C77-4D68-AA82-BFBEA2A800C8}" = rport=445 | protocol=6 | dir=out | app=system | "{52C06364-124C-413E-BB9D-DDD2FC9C6073}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{5DBFAD1D-3B27-4BF9-B2BB-BA25411E6ECA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{7CA9B733-8FA4-4D0B-9039-60B0D765DD89}" = lport=445 | protocol=6 | dir=in | app=system | "{A0B27C52-64CE-4120-B8A0-B661F4969460}" = rport=138 | protocol=17 | dir=out | app=system | "{A5C90B7E-D7BC-4A28-BC50-F3320E9BCB68}" = lport=139 | protocol=6 | dir=in | app=system | "{C4C233A6-6A86-42EC-886F-0BC328B5F73F}" = rport=137 | protocol=17 | dir=out | app=system | "{C4D2A149-6C41-45BE-867F-6F1E88D91B96}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{DDC7F29C-87A1-4234-AA3A-E5E7FEAEA205}" = lport=137 | protocol=17 | dir=in | app=system | "{DE8CC1E0-B1F6-463E-8FDD-D0AF4C264563}" = rport=139 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\FirewallRules] "{027E8308-BB22-473B-A5DB-C0222FC591EC}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | "{13CDFC01-0BC5-464F-9E38-114EACCF0DA1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{20411A97-DEFB-45DC-93F3-F5E45F994456}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe | "{265361E5-425E-4E04-92CF-9ADD34AB8034}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | "{2CC4E496-EBF5-4F96-AD3A-FC7F3BF88D01}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | "{3ACD3790-A94B-40B8-88E0-ECDCD11EC324}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\bin\sdklauncher.exe | "{44E10475-E7A5-4ECC-8DE3-B5BFDBA0D46F}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | "{46141C07-519C-4B28-B87E-6D16911CB576}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{476C89FE-A030-4FF5-95AE-A27DFD3450F9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{4E566805-BA9F-4107-A57F-6F955C527C6A}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe | "{54B5C87C-6D0E-4988-8527-0112B6EDFB45}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{5603E085-6859-4BA9-BB81-A3BF604FD1C1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{5F1C6F33-63ED-4531-A88B-E8A2EA2C2146}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{6142339F-98CE-492A-AC07-7A66B69FCC71}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{6D6EB67B-A19C-4720-A286-7E91B1DBDE1F}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe | "{7ADC0D34-66DD-490C-9330-494DB4C56458}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{7E73DE08-31E0-42E9-B700-0F7BC1A20FE3}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | "{87BAB672-A44C-417C-A4C4-82AF789562C3}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | "{8EE3B3CA-C523-4C42-BDBB-27FF22F58F5A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{920B3326-678F-4ADC-8563-4F4BEC75747A}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe | "{A08B30E6-A92D-416B-84DA-5C3095483D6E}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe | "{AF39F8CA-A267-45EA-9430-362DA70333AC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B599564E-C417-49B4-82F0-1DFA6DA9F701}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\bin\sdklauncher.exe | "{C99E7B27-B660-4514-B704-433D7825D868}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{CA3F9F03-E750-41C8-83D9-A75E3C2B0C27}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | "{E4387AC6-E01D-4467-88F7-95737F44E58F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{E7C4AC4B-465C-4235-8F60-DBCC95BA1432}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | "{EBC8DF89-5492-4ADB-AB47-F23C7B5894D7}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe | "{F2042FB7-D96F-46FE-8645-93713C3DB0D8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{F2900852-B355-4177-AA97-8DA1EC1F4D70}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe | "{FB7C2423-F4FA-422A-A550-CFD2B72C30AE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{FC92DFA0-053B-48BF-BDF7-022D24A137FC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | "TCP Query User{5BBDE6A1-817A-49F1-A552-510100E5C1CE}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | "TCP Query User{D393399B-4155-4ABA-929C-BEF3EE2EBDA7}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "TCP Query User{D545A37F-84D3-4BA6-A7AD-DE1A05090DD0}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "TCP Query User{F91672CF-F7E1-400B-9993-2A13517081F0}C:\program files (x86)\steam\steamapps\jlthrash\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\jlthrash\team fortress 2\hl2.exe | "UDP Query User{4274364D-2A38-4CEA-8C0E-68814EDABAFA}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | "UDP Query User{7B673842-8869-486A-A895-DFAD95B28C81}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | "UDP Query User{A4DE0822-5EE5-4428-ADA6-147FF7695778}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "UDP Query User{B45751EE-A442-4997-A463-694A4B1D121F}C:\program files (x86)\steam\steamapps\jlthrash\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\jlthrash\team fortress 2\hl2.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{357A82F9-B5FF-46C8-ABA2-104695E0F1D1}" = Intel(R) Network Connections 16.6.126.0 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{7346B4A0-1300-0110-0409-705C0D862004}" = Revit Architecture 2013 "{7346B4A0-1300-0111-0409-705C0D862004}" = Revit Architecture 2013 Language Pack - English "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.16.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Autodesk Revit Architecture 2013" = Autodesk Revit Architecture 2013 "CPUID CPU-Z_is1" = CPUID CPU-Z 1.60.1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Security Client" = Microsoft Security Essentials "PROSetDX" = Intel(R) Network Connections 16.6.126.0 "Unigine Heaven DX11 Benchmark (Basic Edition)_is1" = Heaven DX11 Benchmark version 3.0 "VIRTU MVP_is1" = VIRTU MVP 2.1.112 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R) "{017E831B-D7DA-4C95-AE17-1B3A448D991B}" = Antec CC Driver x64 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 "{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013 "{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}" = Autodesk Material Library Low Resolution Image Library 2013 "{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT) "{47BBA5AA-CA6F-4A41-858D-A7A776F29A8B}" = Google SketchUp 8 "{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 "{58760EEC-8B6A-43F4-81AA-696E381DFADD}" = Autodesk Material Library Medium Resolution Image Library 2013 "{5F2A7080-CE89-442D-ABF8-5991FF351A09}" = Antec CC "{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade "{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013 "{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6DA2B636-698A-3294-BF4A-B5E11B238CDD}" = Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R) "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}" = Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 "{91221AAC-F2A0-4028-8016-C7DAF63CB6CC}" = FARO LS 1.1.408.2 "{987F1753-1F42-4DF2-A5EA-0CCB777F3EB0}" = CWA Reminder by We-Care.com v4.0.19.3 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI "{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 "{BA31F48A-C811-30B4-AD93-1986C7838442}" = Google Talk Plugin "{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}" = Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}" = WinZip 15.0 "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}" = Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime "7-Zip" = 7-Zip 9.22beta "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Afterburner" = MSI Afterburner 2.2.0 "BFGC" = Big Fish Games: Game Manager "BFG-Peggle Nights" = Peggle Nights "Crysis WARHEAD(R)" = Crysis WARHEAD(R) "Diablo II" = Diablo II "Diablo III" = Diablo III "EGREEN" = ASUS E-Green Uninstall "E-Hammer1.0.0" = E-Hammer "FARO LS_is1" = FARO LS 4.8.2.25521 "GrabIt_is1" = GrabIt 1.7.2 Beta 6 (build 1008) "InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300 "Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "PrecisionX" = EVGA Precision X 3.0.2 "PunkBusterSvc" = PunkBuster Services "Steam App 440" = Team Fortress 2 "Steam App 620" = Portal 2 "Steam App 629" = Portal 2 Authoring Tools - Beta ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 8/1/2012 9:49:25 PM | Computer Name = JL-PC | Source = PerfOS | ID = 2011 Description = Error - 8/2/2012 12:21:46 AM | Computer Name = JL-PC | Source = Application Error | ID = 1000 Description = Faulting application name: crysis64.exe, version: 1.1.1.6115, time stamp: 0x47c58f4f Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000d0000001500 Faulting process id: 0xf9c Faulting application start time: 0x01cd705affc3d1c4 Faulting application path: C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\crysis64.exe Faulting module path: unknown Report Id: 91acf31e-dc59-11e1-a312-c86000a19d1d Error - 8/2/2012 8:56:19 PM | Computer Name = JL-PC | Source = WinMgmt | ID = 10 Description = Error - 8/4/2012 11:31:29 AM | Computer Name = JL-PC | Source = PerfOS | ID = 2011 Description = Error - 8/4/2012 11:31:33 AM | Computer Name = JL-PC | Source = PerfOS | ID = 2011 Description = Error - 8/4/2012 11:32:40 AM | Computer Name = JL-PC | Source = WinMgmt | ID = 10 Description = Error - 8/4/2012 11:33:33 AM | Computer Name = JL-PC | Source = PerfOS | ID = 2011 Description = Error - 8/4/2012 11:33:35 AM | Computer Name = JL-PC | Source = PerfOS | ID = 2011 Description = Error - 8/4/2012 11:35:33 AM | Computer Name = JL-PC | Source = PerfOS | ID = 2011 Description = Error - 8/4/2012 11:39:33 AM | Computer Name = JL-PC | Source = PerfOS | ID = 2011 Description = [ Media Center Events ] Error - 7/28/2012 5:17:38 PM | Computer Name = JL-PC | Source = MCUpdate | ID = 0 Description = 2:17:38 PM - Error connecting to the internet. 2:17:38 PM - Unable to contact server.. Error - 7/28/2012 5:17:45 PM | Computer Name = JL-PC | Source = MCUpdate | ID = 0 Description = 2:17:43 PM - Error connecting to the internet. 2:17:43 PM - Unable to contact server.. [ System Events ] Error - 7/31/2012 9:20:51 PM | Computer Name = JL-PC | Source = Service Control Manager | ID = 7038 Description = The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error - 7/31/2012 9:20:51 PM | Computer Name = JL-PC | Source = Service Control Manager | ID = 7000 Description = The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error - 8/1/2012 12:50:02 AM | Computer Name = JL-PC | Source = Service Control Manager | ID = 7038 Description = The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error - 8/1/2012 12:50:02 AM | Computer Name = JL-PC | Source = Service Control Manager | ID = 7000 Description = The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error - 8/1/2012 9:03:19 PM | Computer Name = JL-PC | Source = Service Control Manager | ID = 7038 Description = The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error - 8/1/2012 9:03:19 PM | Computer Name = JL-PC | Source = Service Control Manager | ID = 7000 Description = The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error - 8/2/2012 8:56:29 PM | Computer Name = JL-PC | Source = Service Control Manager | ID = 7038 Description = The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error - 8/2/2012 8:56:29 PM | Computer Name = JL-PC | Source = Service Control Manager | ID = 7000 Description = The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 Error - 8/4/2012 11:32:50 AM | Computer Name = JL-PC | Source = Service Control Manager | ID = 7038 Description = The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: %%1330 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error - 8/4/2012 11:32:50 AM | Computer Name = JL-PC | Source = Service Control Manager | ID = 7000 Description = The NVIDIA Update Service Daemon service failed to start due to the following error: %%1069 < End of report > |
10-Aug-2012, 02:56 PM
#10 | ||||||||
| Hi. Please run adwcleaner.exe again, it should be located on your desktop. Please make sure you close every other program down before running this program, including the browser you are using to read this. I would suggest you copy the instructions below and save to notepad, as it may help.
Please run OTL again.
How is your system behaving now? In your next reply, please post the following: - The log from adwcleaner - New OTL log |
11-Aug-2012, 12:47 PM
#11 | ||||||
| # AdwCleaner v1.800 - Logfile created 08/11/2012 at 09:42:30 # Updated 01/08/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : JL - JL-PC # Running from : C:\Users\JL\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [Registre - GUID] ***** ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v14.0.1 (en-US) Profile name : default File : C:\Users\JL\AppData\Roaming\Mozilla\Firefox\Profiles\b5p6spry.default\prefs .js [OK] File is clean. Profile name : default File : C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\s1d4vw3e.default \prefs.js [OK] File is clean. -\\ Google Chrome v21.0.1180.75 File : C:\Users\JL\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. File : C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [6765 octets] - [07/08/2012 18:32:55] AdwCleaner[S1].txt - [6024 octets] - [11/08/2012 09:41:49] AdwCleaner[S2].txt - [1205 octets] - [11/08/2012 09:42:30] ########## EOF - C:\AdwCleaner[S2].txt - [1333 octets] ########## OTL logfile created on: 8/11/2012 9:45:02 AM - Run 2 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\JL\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.95 Gb Total Physical Memory | 6.63 Gb Available Physical Memory | 83.39% Memory free 7.95 Gb Paging File | 6.43 Gb Available in Paging File | 80.91% Paging File free Paging file location(s): [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 119.14 Gb Total Space | 22.84 Gb Free Space | 19.17% Space Free | Partition Type: NTFS Drive D: | 6.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: JL-PC | User Name: JL | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/08/04 08:38:43 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\JL\Desktop\OTL.exe PRC - [2012/07/03 21:45:20 | 000,084,360 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/06/03 11:50:51 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012/04/19 02:13:50 | 000,405,832 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe PRC - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/02/08 19:10:34 | 001,111,680 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe PRC - [2012/02/08 14:05:50 | 003,111,552 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe PRC - [2012/02/07 21:37:27 | 001,492,912 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.28\AsusFanControlService.exe PRC - [2012/02/02 15:20:32 | 000,889,984 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe PRC - [2012/02/02 02:56:35 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe PRC - [2012/02/01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2012/01/20 11:45:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe PRC - [2012/01/10 09:39:40 | 001,501,824 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe PRC - [2012/01/04 12:59:50 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2011/12/30 18:42:50 | 001,153,664 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe PRC - [2011/10/31 09:57:48 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe PRC - [2011/10/28 18:59:26 | 000,918,448 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe PRC - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe PRC - [2010/11/26 21:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe PRC - [2010/11/20 20:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe PRC - [2010/10/21 02:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe ========== Modules (No Company Name) ========== MOD - [2012/06/16 08:29:52 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8ab16b2721684612a 1c9053401797082\IAStorUtil.ni.dll MOD - [2012/06/13 18:09:05 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe6 51c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012/06/13 18:09:02 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f8773 6d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012/05/16 18:02:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80 574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012/05/16 18:02:51 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d4 9b407b93663bfed\System.Xml.ni.dll MOD - [2012/05/16 18:02:49 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673 d948179195c\System.ni.dll MOD - [2012/05/16 18:02:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c50 6bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012/05/16 18:02:46 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a35 9778ea57d914c\mscorlib.ni.dll MOD - [2012/04/19 02:13:50 | 000,405,832 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe MOD - [2012/04/10 02:32:54 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll MOD - [2012/04/10 02:32:50 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll MOD - [2012/04/10 02:32:40 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll MOD - [2012/04/10 02:32:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll MOD - [2012/04/10 02:32:34 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll MOD - [2012/02/03 10:12:22 | 001,122,304 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll MOD - [2012/02/02 15:12:48 | 000,786,432 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll MOD - [2012/01/20 10:17:16 | 000,150,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll MOD - [2012/01/19 09:39:30 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll MOD - [2011/12/29 20:45:12 | 001,296,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll MOD - [2011/12/29 02:13:20 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll MOD - [2011/12/28 11:18:44 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll MOD - [2011/09/26 19:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll MOD - [2011/09/26 18:37:26 | 001,616,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll MOD - [2011/09/20 18:11:28 | 000,985,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll MOD - [2011/09/08 15:23:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll MOD - [2011/07/28 16:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll MOD - [2011/06/08 11:15:44 | 000,651,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\ThermalRadar.dll MOD - [2011/04/30 08:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll MOD - [2010/08/22 19:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/05/10 20:40:52 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2012/01/10 21:01:52 | 000,627,936 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) Capability Licensing Service Interface) Intel(R) SRV:64bit: - [2011/08/15 17:38:50 | 000,178,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R) PROSet Monitoring Service) Intel(R) SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/08/06 18:35:40 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012/08/04 10:18:10 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/07/13 17:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/06/03 11:50:51 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012/05/15 03:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012/04/03 22:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/02/07 21:37:27 | 001,492,912 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.28\AsusFanControlService.exe -- (AsusFanControlService) SRV - [2012/02/02 02:56:35 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc) SRV - [2012/02/01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Start_Pending] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2012/01/20 16:29:28 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2012/01/20 16:29:26 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2012/01/20 11:45:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) Intel(R) SRV - [2011/12/21 03:04:42 | 000,274,200 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) Intel(R) SRV - [2011/10/28 18:59:26 | 000,918,448 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe -- (asComSvc) SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) Intel(R) Integrated Clock Controller Service - Intel(R) SRV - [2010/10/21 02:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/04/18 10:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012/03/25 17:55:22 | 000,066,336 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM) DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012/03/09 10:57:36 | 000,023,816 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2012/01/06 10:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64) DRV:64bit: - [2012/01/04 12:58:50 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) Intel(R) DRV:64bit: - [2012/01/04 12:58:50 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) Intel(R) DRV:64bit: - [2012/01/04 12:58:50 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) Intel(R) DRV:64bit: - [2011/12/15 02:01:08 | 014,646,560 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011/12/05 12:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2011/11/10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2011/11/03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci) DRV:64bit: - [2011/11/03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3) DRV:64bit: - [2011/08/12 03:13:36 | 000,032,360 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd) DRV:64bit: - [2011/07/19 18:37:56 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R) DRV:64bit: - [2011/05/23 08:39:28 | 000,016,384 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AseUSBCC.sys -- (ASEUSBCC) DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/08/17 10:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT) Intel(R) Watchdog Timer Driver (Intel(R) WDT) DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2012/04/19 02:13:50 | 000,010,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64) DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008/11/14 03:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=adk...B&cr=425798436 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.ph...B&cr=425798436 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.ph...B&cr=425798436 IE - HKLM\..\SearchScopes\{5046F975-4B67-2AF5-365B-075B1563CDDD}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1D 02 11 D9 87 2D CD 01 [binary data] IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\..\SearchScopes,DefaultScope = {5046F975-4B67-2AF5-365B-075B1563CDDD} IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\..\SearchScopes\{5046F975-4B67-2AF5-365B-075B1563CDDD}: "URL" = http://www.bing.com/search?q={search...ox&FORM=IE8SRC IE - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\JL\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\JL\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\JL\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\JL\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/28 17:43:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/28 17:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JL\AppData\Roaming\Mozilla\Extensions [2012/07/28 17:43:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/07/13 17:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/07/13 17:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/07/13 17:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggesti on}{google riginalQueryForSuggestion}{google:searchFieldtrialParameter}sou rceid=chrome&ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chro me&hl={language}&q={searchTerms}, CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\JL\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNa ClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\JL\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\JL\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dl l CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Google Update (Enabled) = C:\Users\JL\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: YouTube = C:\Users\JL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\JL\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: We-Care Reminder = C:\Users\JL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.25_0\ CHR - Extension: Gmail = C:\Users\JL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [VIRTU MVP] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe () O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-2564183217-1780356419-2778177185-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC7ED8C4-89D8-408E-B760-D05729A4236D}: DhcpNameServer = 192.168.1.1 O20:64bit: - AppInit_DLLs: (C:\Windows\system32\appinit_dll.dll) - C:\Windows\SysNative\appinit_dll.dll (Lucidlogix Inc.) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\appinit_dll.dll) - C:\Windows\SysWOW64\appinit_dll.dll (Lucidlogix Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/05/10 20:31:39 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2007/10/24 15:38:50 | 000,000,000 | ---D | M] - D:\autorun -- [ CDFS ] O32 - AutoRun File - [2007/07/19 07:53:44 | 000,000,058 | R--- | M] () - D:\Autorun.inf -- [ CDFS ] O32 - AutoRun File - [2007/10/24 15:11:40 | 004,318,432 | R--- | M] (Crytek) - D:\AutoRunCD.exe -- [ CDFS ] O33 - MountPoints2\{3f38a9f1-9b29-11e1-a7b0-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{3f38a9f1-9b29-11e1-a7b0-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRunCD.exe -- [2007/10/24 15:11:40 | 004,318,432 | R--- | M] (Crytek) O33 - MountPoints2\{67bc0564-97f3-11e1-b340-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{67bc0564-97f3-11e1-b340-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2007/10/24 15:55:21 | 000,316,640 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/08/09 19:52:22 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Roaming\Realtime Soft [2012/08/09 19:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\UltraMon [2012/08/09 19:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Realtime Soft [2012/08/09 19:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Realtime Soft [2012/08/07 21:39:39 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Roaming\vlc [2012/08/07 21:27:21 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Roaming\NVIDIA [2012/08/07 21:26:58 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Roaming\DivX [2012/08/07 21:26:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2012/08/07 21:26:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2012/08/07 21:26:43 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2012/08/07 21:26:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2012/08/07 21:26:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2012/08/07 21:25:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2012/08/04 16:27:08 | 000,266,632 | ---- | C] (Realtime Soft Ltd) -- C:\Windows\UltraMon.scr [2012/08/04 08:38:43 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\JL\Desktop\OTL.exe [2012/08/04 08:34:33 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/08/04 08:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2012/08/04 08:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2012/07/28 17:44:28 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Local\Macromedia [2012/07/28 17:43:44 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Roaming\Mozilla [2012/07/28 17:43:44 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Local\Mozilla [2012/07/28 17:43:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012/07/28 17:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012/07/28 10:20:54 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\JL\Desktop\dds.com [2012/07/28 10:12:07 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\JL\Desktop\HijackThis.exe [2012/07/27 22:16:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2012/07/27 22:10:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012/07/25 21:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012/07/25 21:55:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip [2012/07/25 21:16:19 | 000,000,000 | ---D | C] -- C:\Users\JL\AppData\Roaming\GrabIt [2012/07/25 21:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt [2012/07/25 21:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GrabIt [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/08/11 09:43:51 | 001,048,576 | ---- | M] () -- C:\Windows\PE_Rom.dll [2012/08/11 09:43:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/08/11 09:42:43 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/11 09:42:43 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/10 22:30:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1000UA.job [2012/08/10 22:20:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1002UA.job [2012/08/10 22:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/08/10 21:21:13 | 000,795,918 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/08/10 21:21:13 | 000,671,110 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/08/10 21:21:13 | 000,126,196 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/08/09 19:52:21 | 000,002,585 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk [2012/08/09 18:47:08 | 000,001,139 | ---- | M] () -- C:\Windows\MB.idx [2012/08/09 18:46:15 | 000,000,551 | ---- | M] () -- C:\Windows\Path.idx [2012/08/09 01:30:44 | 000,002,400 | ---- | M] () -- C:\Users\JL\Desktop\Google Chrome.lnk [2012/08/08 18:30:00 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1000Core.job [2012/08/07 18:32:44 | 000,614,903 | ---- | M] () -- C:\Users\JL\Desktop\adwcleaner.exe [2012/08/04 16:27:08 | 000,266,632 | ---- | M] (Realtime Soft Ltd) -- C:\Windows\UltraMon.scr [2012/08/04 14:20:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1002Core.job [2012/08/04 11:36:52 | 000,001,308 | ---- | M] () -- C:\Users\Public\Desktop\Crysis.lnk [2012/08/04 10:18:10 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/08/04 10:18:09 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/08/04 08:38:43 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\JL\Desktop\OTL.exe [2012/08/04 08:32:12 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif [2012/08/04 08:32:08 | 000,809,512 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/07/28 17:43:42 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/07/28 10:20:54 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\JL\Desktop\dds.com [2012/07/28 10:12:07 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\JL\Desktop\HijackThis.exe [2012/07/28 09:49:03 | 000,001,254 | ---- | M] () -- C:\Users\JL\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/07/27 22:10:50 | 000,000,258 | RHS- | M] () -- C:\Users\JL\ntuser.pol [2012/07/27 22:10:35 | 000,000,304 | ---- | M] () -- C:\user.js [2012/07/15 10:54:30 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/07/12 18:56:18 | 000,283,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/08/09 19:52:21 | 000,002,585 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk [2012/08/09 19:52:21 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMon.lnk [2012/08/07 18:32:44 | 000,614,903 | ---- | C] () -- C:\Users\JL\Desktop\adwcleaner.exe [2012/08/04 08:34:34 | 000,002,400 | ---- | C] () -- C:\Users\JL\Desktop\Google Chrome.lnk [2012/08/04 08:32:12 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif [2012/08/04 08:32:09 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2012/07/28 18:20:11 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1000UA.job [2012/07/28 18:20:11 | 000,000,844 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2564183217-1780356419-2778177185-1000Core.job [2012/07/28 17:43:42 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012/07/28 17:43:42 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/07/27 22:10:50 | 000,000,258 | RHS- | C] () -- C:\Users\JL\ntuser.pol [2012/07/27 22:10:35 | 000,000,304 | ---- | C] () -- C:\user.js [2012/07/15 10:54:30 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/06/04 18:35:39 | 000,000,090 | ---- | C] () -- C:\Users\JL\AppData\Local\fusioncache.dat [2012/06/03 11:50:52 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012/06/03 11:50:51 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012/06/03 11:50:51 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012/05/16 18:15:43 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini [2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012/05/13 17:45:03 | 000,003,072 | ---- | C] () -- C:\Users\JL\AppData\Local\file__0.localstorage [2012/05/10 20:36:50 | 000,809,512 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/05/07 19:39:33 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll [2012/05/07 19:39:33 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll [2012/05/07 19:39:33 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll [2012/05/07 19:26:06 | 000,038,333 | ---- | C] () -- C:\Windows\DIIUnin.dat [2012/05/06 21:24:16 | 012,985,344 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll [2012/05/06 21:24:16 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin [2012/05/06 21:24:16 | 000,479,528 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin [2012/05/06 21:24:16 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012/05/06 21:20:05 | 001,048,576 | ---- | C] () -- C:\Windows\PE_Rom.dll [2012/05/06 20:49:36 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2012/05/06 20:49:28 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2012/05/06 20:37:03 | 000,054,764 | ---- | C] () -- C:\Windows\Ascd_log.ini [2012/05/06 20:35:11 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012/05/06 20:35:05 | 000,041,687 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2012/01/10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2011/09/19 06:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll [2011/04/10 20:34:56 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config ========== Alternate Data Streams ========== @Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:322D2CD3 < End of report > |
13-Aug-2012, 08:40 AM
#13 | ||||||||
| Hi. Do you have a Google Chrome account? If you do, is it synced with Chrome? Please open MalwareBytes, and run a quick scan. Please make sure you have the latest updates for MalwareBytes.
Run ESET Online Scan
In your next reply, please post the following: - MalwareBytes report - ESET report |
Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.
If you're not already familiar with forums, watch our Welcome Guide to get started.
| |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| |
button.
button.
to download the ESET Smart Installer. Save it to your desktop.
icon on your desktop. 
button.
, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
button.