Ridiculously slow MSN
SofaKingBad
2011-11-27, 21:41
Lately, I've been getting unbearable lag on MSN, and have been resorting to Skype. However, even that is starting to become slow. Do I have an infection? Here is the log.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by Brian at 14:38:14 on 2011-11-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.4008.1427 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://www.bigseekpro.com/tempcleaner/{59847B84-AB2A-4526-ACFA-958E2084E6E6}
uDefault_Page_URL = hxxp://asus.msn.com
uSearch Bar =
mStart Page = hxxp://www.bigseekpro.com/tempcleaner/{59847B84-AB2A-4526-ACFA-958E2084E6E6}
mWinlogon: Userinit=userinit.exe,
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: DhcpNameServer = 64.71.255.198
TCP: Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC} : DhcpNameServer = 64.71.255.198
TCP: Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC}\452554E444E65647635323 : DhcpNameServer = 192.168.10.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
AppInit_DLLs: c:\windows\syswow64\nvinit.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun-x64: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
AppInit_DLLs-X64: c:\windows\syswow64\nvinit.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\67ki3v3h.default\
FF - prefs.js: browser.search.selectedEngine - Search
FF - prefs.js: browser.startup.homepage - hxxp://www.basilmarket.com/
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-25 145920]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-10 2009704]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-8-17 1153368]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUVStor.sys --> C:\Windows\system32\Drivers\RtsUVStor.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-11-27 19:21:21 -------- d-----w- C:\Users\Brian\AppData\Local\{4946FE1E-2EC2-4177-9B77-11398C979336}
2011-11-27 19:20:52 -------- d-----w- C:\Users\Brian\AppData\Local\{33FD39EB-7F8B-452D-BBED-F35CC2738FC1}
2011-11-27 07:20:20 -------- d-----w- C:\Users\Brian\AppData\Local\{B9A3B3AA-D3DF-4ABB-B217-4BEDB82DE8E0}
2011-11-27 07:19:51 -------- d-----w- C:\Users\Brian\AppData\Local\{150D51CF-8391-498E-AD33-092789BC1C3C}
2011-11-26 19:19:19 -------- d-----w- C:\Users\Brian\AppData\Local\{0F04A4A3-F536-4196-9680-721FAE4B9220}
2011-11-26 19:18:58 -------- d-----w- C:\Users\Brian\AppData\Local\{7C596655-A573-4D8E-98B2-7E396E704B34}
2011-11-26 04:38:45 -------- d-----w- C:\Users\Brian\AppData\Local\{B0092D95-D9E5-492C-89E6-0B47EDC1E429}
2011-11-26 04:38:27 -------- d-----w- C:\Users\Brian\AppData\Local\{0D1C10C7-3759-456B-95E9-179EF90418B8}
2011-11-24 22:10:36 -------- d-----w- C:\Users\Brian\AppData\Local\{E5CA75FC-3DE3-44E1-BC38-E97749D6DFE8}
2011-11-24 22:10:06 -------- d-----w- C:\Users\Brian\AppData\Local\{ADD1B18F-D060-4436-A0D5-B05C19576240}
2011-11-23 23:44:21 -------- d-----w- C:\Users\Brian\AppData\Local\{1E02DC52-D800-4A83-96B5-34499C7E3AA4}
2011-11-23 23:44:03 -------- d-----w- C:\Users\Brian\AppData\Local\{2A958134-F8AF-461F-BC75-3BEC3E312FC8}
2011-11-22 22:21:59 -------- d-----w- C:\Users\Brian\AppData\Roaming\AVG2012
2011-11-22 22:20:58 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-11-22 22:20:18 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-11-22 22:20:18 -------- d-----w- C:\ProgramData\AVG2012
2011-11-22 22:19:28 -------- d-----w- C:\Program Files (x86)\AVG
2011-11-22 22:14:58 -------- d--h--w- C:\ProgramData\Common Files
2011-11-22 22:14:48 -------- d-----w- C:\ProgramData\MFAData
2011-11-22 21:28:41 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4F84BE66-7A49-4693-A89E-758C29EB87F6}\mpengine.dll
2011-11-22 21:24:54 -------- d-----w- C:\Users\Brian\AppData\Local\{EC9CC3CB-E793-49A6-90BB-71712D4012CA}
2011-11-22 21:24:37 -------- d-----w- C:\Users\Brian\AppData\Local\{B6A7D7F7-AE12-4FB2-9AD4-6EFAA61E19A0}
2011-11-21 21:01:28 -------- d-----w- C:\Users\Brian\AppData\Local\{1825E418-EAB1-40E3-8AC7-AB86E6A4AABC}
2011-11-21 21:00:59 -------- d-----w- C:\Users\Brian\AppData\Local\{C073F86B-BE15-49FD-9E3C-43EC24702594}
2011-11-21 06:19:43 -------- d-----w- C:\Users\Brian\AppData\Local\{06057F8B-1315-4B6C-A3FB-2AEBFB1385B7}
2011-11-21 06:19:25 -------- d-----w- C:\Users\Brian\AppData\Local\{1C180720-6066-4115-AEA5-D64E0BC0D670}
2011-11-20 18:19:01 -------- d-----w- C:\Users\Brian\AppData\Local\{1DA03A28-D880-44B0-9DB5-1F1564AE76F8}
2011-11-20 18:18:43 -------- d-----w- C:\Users\Brian\AppData\Local\{73224B6A-B1EA-45E1-8881-2EFDBB41F214}
2011-11-19 19:36:58 -------- d-----w- C:\Users\Brian\AppData\Local\{21259249-CA0D-417C-93BD-15BB38652339}
2011-11-19 19:36:41 -------- d-----w- C:\Users\Brian\AppData\Local\{170E1A69-D3A3-4F1D-8448-17DA561D699E}
2011-11-19 00:36:03 -------- d-----w- C:\Users\Brian\AppData\Local\{11F10860-077F-42FB-AC2C-55F66D5104ED}
2011-11-19 00:35:45 -------- d-----w- C:\Users\Brian\AppData\Local\{D0C1B352-0249-47D1-ABC7-4C93D1633C2C}
2011-11-17 21:15:34 -------- d-----w- C:\Users\Brian\AppData\Local\{774B1385-A7B1-47E0-8C8B-3C8F37AFAA17}
2011-11-17 21:15:16 -------- d-----w- C:\Users\Brian\AppData\Local\{F0CEB201-DA2D-49E5-B114-4CAE24777A98}
2011-11-17 04:44:34 -------- d-----w- C:\Users\Brian\AppData\Roaming\WinPatrol
2011-11-17 04:44:29 -------- d-----w- C:\ProgramData\InstallMate
2011-11-17 04:44:29 -------- d-----w- C:\Program Files (x86)\BillP Studios
2011-11-16 21:45:07 -------- d-----w- C:\Users\Brian\AppData\Local\{BF31B640-F094-4959-9A8E-03843321E1CB}
2011-11-16 21:44:49 -------- d-----w- C:\Users\Brian\AppData\Local\{4FD6CE5D-8EBA-4A45-A543-864A72D28C34}
2011-11-16 00:54:54 -------- d-----w- C:\Users\Brian\AppData\Local\{11AAC489-61C6-427A-AD07-8D213BC26BBD}
2011-11-16 00:54:26 -------- d-----w- C:\Users\Brian\AppData\Local\{C806CB19-BACA-4A8F-BF2E-F9C17D90470D}
2011-11-15 12:53:55 -------- d-----w- C:\Users\Brian\AppData\Local\{EA1C67E9-6928-4BFE-BB0F-C8586C944711}
2011-11-15 12:53:27 -------- d-----w- C:\Users\Brian\AppData\Local\{0DA1EC25-9039-4606-B0CC-D5E7B83EF361}
2011-11-14 22:52:21 -------- d-----w- C:\Users\Brian\AppData\Local\{74ECD097-46AC-44F2-BB17-10A5806D48AD}
2011-11-14 22:52:03 -------- d-----w- C:\Users\Brian\AppData\Local\{54A860EB-BEF6-4F3D-89A1-12BD0CCAEE32}
2011-11-13 19:54:40 -------- d-----w- C:\Users\Brian\AppData\Local\{7393D8B1-D1E2-40F3-9067-FC7AF383F45C}
2011-11-13 19:54:21 -------- d-----w- C:\Users\Brian\AppData\Local\{5B16B176-1434-4935-820C-8C7A93CE4D86}
2011-11-12 21:42:04 -------- d-----w- C:\Users\Brian\AppData\Local\{27BAF616-D62D-46A7-B25B-2CF1E2126E41}
2011-11-12 21:41:47 -------- d-----w- C:\Users\Brian\AppData\Local\{FF88784E-0D76-4FA9-8E92-E0397D1C710E}
2011-11-12 21:37:47 -------- d-----w- C:\Windows\PCHEALTH
2011-11-12 18:43:38 -------- d-----w- C:\Users\Brian\AppData\Local\{7162C5A1-127A-47C9-97F7-1E6566A30F7D}
2011-11-12 18:43:21 -------- d-----w- C:\Users\Brian\AppData\Local\{24752C6B-63EE-4B3F-84D6-6A82A6178284}
2011-11-11 22:36:37 -------- d-----w- C:\Program Files (x86)\Cisco Systems
2011-11-11 22:35:48 -------- d-----w- C:\ProgramData\Cisco Systems
2011-11-11 21:27:38 -------- d-----w- C:\Users\Brian\AppData\Local\{936BFFB2-C316-4A92-A712-A11D641D5D1F}
2011-11-11 03:03:44 -------- d-----w- C:\Users\Brian\AppData\Local\{931A3F90-8691-4944-99B4-A0133752288D}
2011-11-11 03:03:33 -------- d-----w- C:\Users\Brian\AppData\Local\{62418B86-FDAC-4CBB-90C1-9BFA8F8A47C7}
2011-11-10 12:52:12 -------- d-----w- C:\Users\Brian\AppData\Local\{36E7A0BD-FA97-4B14-9254-9F33323B03C4}
2011-11-09 21:17:33 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 21:17:33 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 21:17:32 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-09 21:17:31 3144704 ----a-w- C:\Windows\System32\win32k.sys
2011-11-09 21:10:11 -------- d-----w- C:\Users\Brian\AppData\Local\{D3ED0CDE-8831-44B0-8560-586363CFCB4F}
2011-11-09 21:09:54 -------- d-----w- C:\Users\Brian\AppData\Local\{9D8A5233-7F1C-42CB-A185-CC85E19E845A}
2011-11-08 20:58:32 -------- d-----w- C:\Users\Brian\AppData\Local\{41668E1D-5483-42F2-92C4-6269F3B5EAEC}
2011-11-08 20:58:21 -------- d-----w- C:\Users\Brian\AppData\Local\{17B8DA52-A826-4874-9EDA-264F1FE41F64}
2011-11-07 22:50:23 -------- d-----w- C:\Users\Brian\AppData\Local\{FCAD48A6-2E24-4838-B206-C8451766EEB0}
2011-11-07 22:50:12 -------- d-----w- C:\Users\Brian\AppData\Local\{E60C4053-CE9C-40A3-BC9B-14998FF4661C}
2011-11-06 19:15:52 -------- d-----w- C:\Users\Brian\AppData\Local\{96B1CD51-DCC7-4C86-8729-0FE607986016}
2011-11-06 19:15:41 -------- d-----w- C:\Users\Brian\AppData\Local\{25F65A2B-A947-4275-9169-B5FF23E26A2F}
2011-11-05 03:32:23 -------- d-----w- C:\Users\Brian\AppData\Local\{B8E0EC03-DDB1-46AA-8F61-18ADB23E47A9}
2011-11-05 03:32:13 -------- d-----w- C:\Users\Brian\AppData\Local\{5ABDB4BA-84CA-4C47-829F-B32DBA953BCB}
2011-11-04 15:32:12 -------- d-----w- C:\Users\Brian\AppData\Local\{8080568C-BC75-4160-83CC-ACAAA0EE294E}
2011-11-04 01:49:00 -------- d-----w- C:\Users\Brian\AppData\Roaming\HpUpdate
2011-11-04 01:48:42 27704 ------w- C:\Windows\System32\hppfaxprintermon5.dll
2011-11-04 01:48:42 22072 ------w- C:\Windows\System32\hppfaxprintermonui5.dll
2011-11-04 01:48:41 608 --sha-w- C:\Windows\System32\winzvprt5.sys
2011-11-04 01:45:57 -------- d-----w- C:\Users\Brian\AppData\Roaming\Hewlett-Packard Company
2011-11-04 01:44:40 323584 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpcpp103.dll
2011-11-04 01:42:11 976440 ----a-w- C:\Windows\System32\hpxp1410_x64.dll
2011-11-04 01:42:11 751160 ----a-w- C:\Windows\SysWow64\hpptsp08.dll
2011-11-04 01:42:11 217656 ----a-w- C:\Windows\System32\hppscancoins64.dll
2011-11-04 01:42:11 1150520 ----a-w- C:\Windows\System32\hpptsp08_x64.dll
2011-11-04 01:42:00 311296 ----a-w- C:\Windows\System32\hpbcoins64.dll
2011-11-04 01:41:51 193592 ----a-w- C:\Windows\System32\hppdcompio.dll
2011-11-04 01:41:51 167480 ----a-w- C:\Windows\SysWow64\hppccompio.dll
2011-11-04 01:41:44 176640 ----a-w- C:\Windows\System32\hpcpn103.dll
2011-11-04 01:41:35 491008 ----a-w- C:\Windows\SysWow64\hpcdmc32.dll
2011-11-04 01:41:35 305664 ----a-w- C:\Windows\SysWow64\hpcc3103.dll
2011-11-04 01:40:12 -------- d-----w- C:\Program Files (x86)\HP
2011-11-04 01:37:00 -------- d-----w- C:\Users\Brian\AppData\Local\{FB3E18FF-E39E-457B-9131-787A89016389}
2011-11-04 01:36:47 -------- d-----w- C:\Users\Brian\AppData\Local\{1DD542C6-215A-486D-BD47-D199D6BD70C5}
.
==================== Find3M ====================
.
2011-11-22 21:42:44 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2011-11-17 21:15:19 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-07 11:23:46 283728 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2011-10-03 09:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-10-01 03:25:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:42:56 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-09-13 11:30:08 37456 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2011-08-31 21:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 14:39:21.34 ===============
Hi and Welcome!! :) My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
I will be working on your malware issues; this may or may not solve other issues you have with your machine.
Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Watch Topic button to the right of your topic title and then choosing the notification method (Recommended: Immediate Notification).
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
IMPORTANT NOTE: Please do not delete anything unless instructed to.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.
Doing so could make your system inoperable and could require a full reinstall of your OS losing all your programs and data.
Vista and Windows 7 users:
These tools MUST be run from the executable (.exe) every time you run them with Admin Rights (Right click, choose "Run as Administrator").
Stay with this topic until I give you the all clean post.
----------
Sorry about your wait but as you can see we are very busy here.
If you still require assistance please run a new scan with DDS.
-----------
Please download aswMBR (http://public.avast.com/~gmerek/aswMBR.exe) to your desktop.
Right click and Run as Administrator the aswMBR icon to run it.
Click the Scan button to start scan.
When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
----------
In your next reply please post the log created by DDS and aswMBR. :)
SofaKingBad
2011-12-04, 06:23
Ahh, thank you. Here are the logs. MSN is still having the lags, sadly. =[
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by Brian at 23:18:58 on 2011-12-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.4008.1022 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\AsScrPro.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://www.bigseekpro.com/tempcleaner/{59847B84-AB2A-4526-ACFA-958E2084E6E6}
uDefault_Page_URL = hxxp://asus.msn.com
uSearch Bar =
mStart Page = hxxp://www.bigseekpro.com/tempcleaner/{59847B84-AB2A-4526-ACFA-958E2084E6E6}
mWinlogon: Userinit=userinit.exe,
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: DhcpNameServer = 64.71.255.198
TCP: Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC} : DhcpNameServer = 64.71.255.198
TCP: Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC}\452554E444E65647635323 : DhcpNameServer = 192.168.10.1
TCP: Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC}\54E676C696378602445607162747D656E647 : DhcpNameServer = 10.1.0.5 10.1.0.84
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
AppInit_DLLs: c:\windows\syswow64\nvinit.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun-x64: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
AppInit_DLLs-X64: c:\windows\syswow64\nvinit.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\67ki3v3h.default\
FF - prefs.js: browser.search.selectedEngine - Search
FF - prefs.js: browser.startup.homepage - hxxp://www.basilmarket.com/
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-25 145920]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-10 2009704]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-8-17 1153368]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUVStor.sys --> C:\Windows\system32\Drivers\RtsUVStor.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-12-03 01:29:12 -------- d-----w- C:\Users\Brian\AppData\Local\{5BD8EABC-DFC6-4251-9055-F95010F24A63}
2011-12-03 01:28:52 -------- d-----w- C:\Users\Brian\AppData\Local\{B9B28850-643B-4B68-852C-9B0030296F5E}
2011-12-03 00:54:38 -------- d-----w- C:\Users\Brian\AppData\Local\{B5F864D6-6628-445F-A0A7-8E0A41379EA8}
2011-12-03 00:54:08 -------- d-----w- C:\Users\Brian\AppData\Local\{6313CBEF-FFF5-4835-8881-336AB28AA25F}
2011-12-02 18:23:59 -------- d-----w- C:\Users\Brian\AppData\Local\{753F6FA5-162B-4EBB-9EE8-48AFA2DE7B4E}
2011-12-02 00:41:33 -------- d-----w- C:\Users\Brian\AppData\Local\{E7A3C84D-CF47-4601-A370-40BC4E56711C}
2011-12-01 04:02:53 -------- d-----w- C:\Users\Brian\AppData\Local\{0DFA6F47-BFFD-481F-84C4-ED5615E8B7DB}
2011-12-01 04:02:33 -------- d-----w- C:\Users\Brian\AppData\Local\{4F99B9C9-7545-4117-911F-12F75E8F3C14}
2011-11-29 03:19:05 -------- d-----w- C:\Users\Brian\AppData\Local\{88E9D963-B1C4-40C0-BA53-713BAE73BECD}
2011-11-29 03:18:40 -------- d-----w- C:\Users\Brian\AppData\Local\{61801DFF-667C-4E03-8E03-F0D64DECBE5E}
2011-11-27 19:21:21 -------- d-----w- C:\Users\Brian\AppData\Local\{4946FE1E-2EC2-4177-9B77-11398C979336}
2011-11-27 19:20:52 -------- d-----w- C:\Users\Brian\AppData\Local\{33FD39EB-7F8B-452D-BBED-F35CC2738FC1}
2011-11-27 07:20:20 -------- d-----w- C:\Users\Brian\AppData\Local\{B9A3B3AA-D3DF-4ABB-B217-4BEDB82DE8E0}
2011-11-27 07:19:51 -------- d-----w- C:\Users\Brian\AppData\Local\{150D51CF-8391-498E-AD33-092789BC1C3C}
2011-11-26 19:19:19 -------- d-----w- C:\Users\Brian\AppData\Local\{0F04A4A3-F536-4196-9680-721FAE4B9220}
2011-11-26 19:18:58 -------- d-----w- C:\Users\Brian\AppData\Local\{7C596655-A573-4D8E-98B2-7E396E704B34}
2011-11-26 04:38:45 -------- d-----w- C:\Users\Brian\AppData\Local\{B0092D95-D9E5-492C-89E6-0B47EDC1E429}
2011-11-26 04:38:27 -------- d-----w- C:\Users\Brian\AppData\Local\{0D1C10C7-3759-456B-95E9-179EF90418B8}
2011-11-24 22:10:36 -------- d-----w- C:\Users\Brian\AppData\Local\{E5CA75FC-3DE3-44E1-BC38-E97749D6DFE8}
2011-11-24 22:10:06 -------- d-----w- C:\Users\Brian\AppData\Local\{ADD1B18F-D060-4436-A0D5-B05C19576240}
2011-11-23 23:44:21 -------- d-----w- C:\Users\Brian\AppData\Local\{1E02DC52-D800-4A83-96B5-34499C7E3AA4}
2011-11-23 23:44:03 -------- d-----w- C:\Users\Brian\AppData\Local\{2A958134-F8AF-461F-BC75-3BEC3E312FC8}
2011-11-22 22:21:59 -------- d-----w- C:\Users\Brian\AppData\Roaming\AVG2012
2011-11-22 22:20:58 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-11-22 22:20:18 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-11-22 22:20:18 -------- d-----w- C:\ProgramData\AVG2012
2011-11-22 22:19:28 -------- d-----w- C:\Program Files (x86)\AVG
2011-11-22 22:14:58 -------- d--h--w- C:\ProgramData\Common Files
2011-11-22 22:14:48 -------- d-----w- C:\ProgramData\MFAData
2011-11-22 21:28:41 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4F84BE66-7A49-4693-A89E-758C29EB87F6}\mpengine.dll
2011-11-22 21:24:54 -------- d-----w- C:\Users\Brian\AppData\Local\{EC9CC3CB-E793-49A6-90BB-71712D4012CA}
2011-11-22 21:24:37 -------- d-----w- C:\Users\Brian\AppData\Local\{B6A7D7F7-AE12-4FB2-9AD4-6EFAA61E19A0}
2011-11-21 21:01:28 -------- d-----w- C:\Users\Brian\AppData\Local\{1825E418-EAB1-40E3-8AC7-AB86E6A4AABC}
2011-11-21 21:00:59 -------- d-----w- C:\Users\Brian\AppData\Local\{C073F86B-BE15-49FD-9E3C-43EC24702594}
2011-11-21 06:19:43 -------- d-----w- C:\Users\Brian\AppData\Local\{06057F8B-1315-4B6C-A3FB-2AEBFB1385B7}
2011-11-21 06:19:25 -------- d-----w- C:\Users\Brian\AppData\Local\{1C180720-6066-4115-AEA5-D64E0BC0D670}
2011-11-20 18:19:01 -------- d-----w- C:\Users\Brian\AppData\Local\{1DA03A28-D880-44B0-9DB5-1F1564AE76F8}
2011-11-20 18:18:43 -------- d-----w- C:\Users\Brian\AppData\Local\{73224B6A-B1EA-45E1-8881-2EFDBB41F214}
2011-11-19 19:36:58 -------- d-----w- C:\Users\Brian\AppData\Local\{21259249-CA0D-417C-93BD-15BB38652339}
2011-11-19 19:36:41 -------- d-----w- C:\Users\Brian\AppData\Local\{170E1A69-D3A3-4F1D-8448-17DA561D699E}
2011-11-19 00:36:03 -------- d-----w- C:\Users\Brian\AppData\Local\{11F10860-077F-42FB-AC2C-55F66D5104ED}
2011-11-19 00:35:45 -------- d-----w- C:\Users\Brian\AppData\Local\{D0C1B352-0249-47D1-ABC7-4C93D1633C2C}
2011-11-17 21:15:34 -------- d-----w- C:\Users\Brian\AppData\Local\{774B1385-A7B1-47E0-8C8B-3C8F37AFAA17}
2011-11-17 21:15:16 -------- d-----w- C:\Users\Brian\AppData\Local\{F0CEB201-DA2D-49E5-B114-4CAE24777A98}
2011-11-17 04:44:34 -------- d-----w- C:\Users\Brian\AppData\Roaming\WinPatrol
2011-11-17 04:44:29 -------- d-----w- C:\ProgramData\InstallMate
2011-11-17 04:44:29 -------- d-----w- C:\Program Files (x86)\BillP Studios
2011-11-16 21:45:07 -------- d-----w- C:\Users\Brian\AppData\Local\{BF31B640-F094-4959-9A8E-03843321E1CB}
2011-11-16 21:44:49 -------- d-----w- C:\Users\Brian\AppData\Local\{4FD6CE5D-8EBA-4A45-A543-864A72D28C34}
2011-11-16 00:54:54 -------- d-----w- C:\Users\Brian\AppData\Local\{11AAC489-61C6-427A-AD07-8D213BC26BBD}
2011-11-16 00:54:26 -------- d-----w- C:\Users\Brian\AppData\Local\{C806CB19-BACA-4A8F-BF2E-F9C17D90470D}
2011-11-15 12:53:55 -------- d-----w- C:\Users\Brian\AppData\Local\{EA1C67E9-6928-4BFE-BB0F-C8586C944711}
2011-11-15 12:53:27 -------- d-----w- C:\Users\Brian\AppData\Local\{0DA1EC25-9039-4606-B0CC-D5E7B83EF361}
2011-11-14 22:52:21 -------- d-----w- C:\Users\Brian\AppData\Local\{74ECD097-46AC-44F2-BB17-10A5806D48AD}
2011-11-14 22:52:03 -------- d-----w- C:\Users\Brian\AppData\Local\{54A860EB-BEF6-4F3D-89A1-12BD0CCAEE32}
2011-11-13 19:54:40 -------- d-----w- C:\Users\Brian\AppData\Local\{7393D8B1-D1E2-40F3-9067-FC7AF383F45C}
2011-11-13 19:54:21 -------- d-----w- C:\Users\Brian\AppData\Local\{5B16B176-1434-4935-820C-8C7A93CE4D86}
2011-11-12 21:42:04 -------- d-----w- C:\Users\Brian\AppData\Local\{27BAF616-D62D-46A7-B25B-2CF1E2126E41}
2011-11-12 21:41:47 -------- d-----w- C:\Users\Brian\AppData\Local\{FF88784E-0D76-4FA9-8E92-E0397D1C710E}
2011-11-12 21:37:47 -------- d-----w- C:\Windows\PCHEALTH
2011-11-12 18:43:38 -------- d-----w- C:\Users\Brian\AppData\Local\{7162C5A1-127A-47C9-97F7-1E6566A30F7D}
2011-11-12 18:43:21 -------- d-----w- C:\Users\Brian\AppData\Local\{24752C6B-63EE-4B3F-84D6-6A82A6178284}
2011-11-11 22:36:37 -------- d-----w- C:\Program Files (x86)\Cisco Systems
2011-11-11 22:35:48 -------- d-----w- C:\ProgramData\Cisco Systems
2011-11-11 21:27:38 -------- d-----w- C:\Users\Brian\AppData\Local\{936BFFB2-C316-4A92-A712-A11D641D5D1F}
2011-11-11 03:03:44 -------- d-----w- C:\Users\Brian\AppData\Local\{931A3F90-8691-4944-99B4-A0133752288D}
2011-11-11 03:03:33 -------- d-----w- C:\Users\Brian\AppData\Local\{62418B86-FDAC-4CBB-90C1-9BFA8F8A47C7}
2011-11-10 12:52:12 -------- d-----w- C:\Users\Brian\AppData\Local\{36E7A0BD-FA97-4B14-9254-9F33323B03C4}
2011-11-09 21:17:33 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 21:17:33 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 21:17:32 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-09 21:17:31 3144704 ----a-w- C:\Windows\System32\win32k.sys
2011-11-09 21:10:11 -------- d-----w- C:\Users\Brian\AppData\Local\{D3ED0CDE-8831-44B0-8560-586363CFCB4F}
2011-11-09 21:09:54 -------- d-----w- C:\Users\Brian\AppData\Local\{9D8A5233-7F1C-42CB-A185-CC85E19E845A}
2011-11-08 20:58:32 -------- d-----w- C:\Users\Brian\AppData\Local\{41668E1D-5483-42F2-92C4-6269F3B5EAEC}
2011-11-08 20:58:21 -------- d-----w- C:\Users\Brian\AppData\Local\{17B8DA52-A826-4874-9EDA-264F1FE41F64}
2011-11-07 22:50:23 -------- d-----w- C:\Users\Brian\AppData\Local\{FCAD48A6-2E24-4838-B206-C8451766EEB0}
2011-11-07 22:50:12 -------- d-----w- C:\Users\Brian\AppData\Local\{E60C4053-CE9C-40A3-BC9B-14998FF4661C}
2011-11-06 19:15:52 -------- d-----w- C:\Users\Brian\AppData\Local\{96B1CD51-DCC7-4C86-8729-0FE607986016}
2011-11-06 19:15:41 -------- d-----w- C:\Users\Brian\AppData\Local\{25F65A2B-A947-4275-9169-B5FF23E26A2F}
2011-11-05 03:32:23 -------- d-----w- C:\Users\Brian\AppData\Local\{B8E0EC03-DDB1-46AA-8F61-18ADB23E47A9}
2011-11-05 03:32:13 -------- d-----w- C:\Users\Brian\AppData\Local\{5ABDB4BA-84CA-4C47-829F-B32DBA953BCB}
2011-11-04 15:32:12 -------- d-----w- C:\Users\Brian\AppData\Local\{8080568C-BC75-4160-83CC-ACAAA0EE294E}
.
==================== Find3M ====================
.
2011-12-02 18:23:23 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2011-11-17 21:15:19 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-04 01:48:41 608 --sha-w- C:\Windows\System32\winzvprt5.sys
2011-10-07 11:23:46 283728 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2011-10-03 09:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-10-01 03:25:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:42:56 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-09-13 11:30:08 37456 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
.
============= FINISH: 23:19:50.15 ===============
And here is the Avast log.
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-03 23:09:44
-----------------------------
23:09:44.920 OS Version: Windows x64 6.1.7601 Service Pack 1
23:09:44.920 Number of processors: 8 586 0x2A07
23:09:44.921 ComputerName: BRIAN-PC UserName: Brian
23:09:50.785 Initialize success
23:10:21.987 AVAST engine defs: 11120302
23:10:41.871 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:10:41.873 Disk 0 Vendor: ST950032 0003 Size: 476940MB BusType: 3
23:10:41.884 Disk 0 MBR read successfully
23:10:41.887 Disk 0 MBR scan
23:10:41.889 Disk 0 Windows 7 default MBR code
23:10:41.891 Service scanning
23:10:44.257 Modules scanning
23:10:44.432 Disk 0 trace - called modules:
23:10:44.490 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
23:10:44.491 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80050bc790]
23:10:44.491 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> [0xfffffa8004ad6560]
23:10:44.491 5 ACPI.sys[fffff88000f9b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004dfb050]
23:10:46.161 AVAST engine scan C:\Windows
23:10:50.495 AVAST engine scan C:\Windows\system32
23:12:41.239 AVAST engine scan C:\Windows\system32\drivers
23:12:53.199 AVAST engine scan C:\Users\Brian
23:18:42.885 Disk 0 MBR has been saved successfully to "C:\Users\Brian\Desktop\MBR.dat"
23:18:42.892 The log file has been saved successfully to "C:\Users\Brian\Desktop\aswMBR.txt"
Hi SofaKingBad,
Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Right-click the icon and choose Run as Administrator to run it. Make sure all other windows are closed, and let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt.
Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply. You may need two posts to fit them both in.
SofaKingBad
2011-12-05, 08:59
Okay, thank you for the reply. Here are the logs.
OTL logfile created on: 12/5/2011 1:51:10 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Brian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.91 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 60.79% Memory free
8.18 Gb Paging File | 6.10 Gb Available in Paging File | 74.61% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186.30 Gb Total Space | 99.96 Gb Free Space | 53.66% Space Free | Partition Type: NTFS
Drive D: | 254.45 Gb Total Space | 254.24 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Computer Name: BRIAN-PC | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Brian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
PRC - C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6f2de1cb69aef1946760a70f355a3075\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\dd2070ee8e6e28ac8dc658404c50ebde\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll ()
MOD - C:\Program Files (x86)\HP\ToolboxFX\bin\NativeUtils.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (HP LaserJet Service) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/tempcleaner/{59847B84-AB2A-4526-ACFA-958E2084E6E6}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/tempcleaner/{59847B84-AB2A-4526-ACFA-958E2084E6E6}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "http://www.basilmarket.com/"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/11/22 17:21:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/10 02:25:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011/08/17 13:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Extensions
[2011/11/08 16:12:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\67ki3v3h.default\extensions
[2011/09/27 15:28:02 | 000,002,380 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\67ki3v3h.default\searchplugins\search.xml
[2011/11/10 02:25:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/20 15:27:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/11/22 17:21:02 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
() (No name found) -- C:\USERS\BRIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\67KI3V3H.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/11/10 02:25:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/10 02:25:06 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/10 02:25:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/11/22 17:36:21 | 000,438,702 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15087 more lines...
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC}: DhcpNameServer = 64.71.255.198
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - AppInit_DLLs: (c:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) -c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/05 01:49:14 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2011/12/04 18:12:19 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{D390DB2A-480D-4D97-AC84-6DF462A6F729}
[2011/12/04 18:11:50 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{C080BE68-6B76-4E15-8A58-0E1072325D3B}
[2011/12/03 23:08:05 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Brian\Desktop\aswMBR.exe
[2011/12/02 20:29:12 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{5BD8EABC-DFC6-4251-9055-F95010F24A63}
[2011/12/02 20:28:52 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B9B28850-643B-4B68-852C-9B0030296F5E}
[2011/12/02 19:54:38 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B5F864D6-6628-445F-A0A7-8E0A41379EA8}
[2011/12/02 19:54:08 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{6313CBEF-FFF5-4835-8881-336AB28AA25F}
[2011/12/02 13:23:59 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{753F6FA5-162B-4EBB-9EE8-48AFA2DE7B4E}
[2011/12/01 19:41:33 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{E7A3C84D-CF47-4601-A370-40BC4E56711C}
[2011/11/30 23:02:53 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{0DFA6F47-BFFD-481F-84C4-ED5615E8B7DB}
[2011/11/30 23:02:33 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{4F99B9C9-7545-4117-911F-12F75E8F3C14}
[2011/11/28 22:19:05 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{88E9D963-B1C4-40C0-BA53-713BAE73BECD}
[2011/11/28 22:18:40 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{61801DFF-667C-4E03-8E03-F0D64DECBE5E}
[2011/11/27 14:38:04 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Brian\Desktop\dds.scr
[2011/11/27 14:21:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{4946FE1E-2EC2-4177-9B77-11398C979336}
[2011/11/27 14:20:52 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{33FD39EB-7F8B-452D-BBED-F35CC2738FC1}
[2011/11/27 02:20:20 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B9A3B3AA-D3DF-4ABB-B217-4BEDB82DE8E0}
[2011/11/27 02:19:51 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{150D51CF-8391-498E-AD33-092789BC1C3C}
[2011/11/26 14:19:19 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{0F04A4A3-F536-4196-9680-721FAE4B9220}
[2011/11/26 14:18:58 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{7C596655-A573-4D8E-98B2-7E396E704B34}
[2011/11/25 23:38:45 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B0092D95-D9E5-492C-89E6-0B47EDC1E429}
[2011/11/25 23:38:27 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{0D1C10C7-3759-456B-95E9-179EF90418B8}
[2011/11/24 17:10:36 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{E5CA75FC-3DE3-44E1-BC38-E97749D6DFE8}
[2011/11/24 17:10:06 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{ADD1B18F-D060-4436-A0D5-B05C19576240}
[2011/11/23 18:44:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{1E02DC52-D800-4A83-96B5-34499C7E3AA4}
[2011/11/23 18:44:03 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{2A958134-F8AF-461F-BC75-3BEC3E312FC8}
[2011/11/22 18:52:30 | 000,000,000 | ---D | C] -- C:\Users\Brian\Documents\PSP Games
[2011/11/22 18:19:03 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Google
[2011/11/22 17:21:59 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\AVG2012
[2011/11/22 17:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011/11/22 17:20:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2011/11/22 17:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/11/22 17:20:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2011/11/22 17:19:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2011/11/22 17:14:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/11/22 17:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/11/22 16:24:54 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{EC9CC3CB-E793-49A6-90BB-71712D4012CA}
[2011/11/22 16:24:37 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B6A7D7F7-AE12-4FB2-9AD4-6EFAA61E19A0}
[2011/11/21 16:01:28 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{1825E418-EAB1-40E3-8AC7-AB86E6A4AABC}
[2011/11/21 16:00:59 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{C073F86B-BE15-49FD-9E3C-43EC24702594}
[2011/11/21 01:19:43 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{06057F8B-1315-4B6C-A3FB-2AEBFB1385B7}
[2011/11/21 01:19:25 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{1C180720-6066-4115-AEA5-D64E0BC0D670}
[2011/11/20 13:19:01 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{1DA03A28-D880-44B0-9DB5-1F1564AE76F8}
[2011/11/20 13:18:43 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{73224B6A-B1EA-45E1-8881-2EFDBB41F214}
[2011/11/19 14:36:58 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{21259249-CA0D-417C-93BD-15BB38652339}
[2011/11/19 14:36:41 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{170E1A69-D3A3-4F1D-8448-17DA561D699E}
[2011/11/18 19:36:03 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{11F10860-077F-42FB-AC2C-55F66D5104ED}
[2011/11/18 19:35:45 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{D0C1B352-0249-47D1-ABC7-4C93D1633C2C}
[2011/11/17 16:15:34 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{774B1385-A7B1-47E0-8C8B-3C8F37AFAA17}
[2011/11/17 16:15:16 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{F0CEB201-DA2D-49E5-B114-4CAE24777A98}
[2011/11/17 16:15:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/11/16 23:44:34 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\WinPatrol
[2011/11/16 23:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2011/11/16 23:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2011/11/16 23:44:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2011/11/16 16:45:07 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{BF31B640-F094-4959-9A8E-03843321E1CB}
[2011/11/16 16:44:49 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{4FD6CE5D-8EBA-4A45-A543-864A72D28C34}
[2011/11/15 19:54:54 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{11AAC489-61C6-427A-AD07-8D213BC26BBD}
[2011/11/15 19:54:26 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{C806CB19-BACA-4A8F-BF2E-F9C17D90470D}
[2011/11/15 07:53:55 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{EA1C67E9-6928-4BFE-BB0F-C8586C944711}
[2011/11/15 07:53:27 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{0DA1EC25-9039-4606-B0CC-D5E7B83EF361}
[2011/11/14 17:52:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{74ECD097-46AC-44F2-BB17-10A5806D48AD}
[2011/11/14 17:52:03 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{54A860EB-BEF6-4F3D-89A1-12BD0CCAEE32}
[2011/11/13 14:54:40 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{7393D8B1-D1E2-40F3-9067-FC7AF383F45C}
[2011/11/13 14:54:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{5B16B176-1434-4935-820C-8C7A93CE4D86}
[2011/11/12 16:42:04 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{27BAF616-D62D-46A7-B25B-2CF1E2126E41}
[2011/11/12 16:41:47 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{FF88784E-0D76-4FA9-8E92-E0397D1C710E}
[2011/11/12 16:37:47 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/11/12 13:43:38 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{7162C5A1-127A-47C9-97F7-1E6566A30F7D}
[2011/11/12 13:43:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{24752C6B-63EE-4B3F-84D6-6A82A6178284}
[2011/11/11 17:36:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2011/11/11 17:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco Systems
[2011/11/11 16:27:38 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{936BFFB2-C316-4A92-A712-A11D641D5D1F}
[2011/11/10 22:03:44 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{931A3F90-8691-4944-99B4-A0133752288D}
[2011/11/10 22:03:33 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{62418B86-FDAC-4CBB-90C1-9BFA8F8A47C7}
[2011/11/10 07:52:12 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{36E7A0BD-FA97-4B14-9254-9F33323B03C4}
[2011/11/09 16:10:11 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{D3ED0CDE-8831-44B0-8560-586363CFCB4F}
[2011/11/09 16:09:54 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{9D8A5233-7F1C-42CB-A185-CC85E19E845A}
[2011/11/08 15:58:32 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{41668E1D-5483-42F2-92C4-6269F3B5EAEC}
[2011/11/08 15:58:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{17B8DA52-A826-4874-9EDA-264F1FE41F64}
[2011/11/07 17:50:23 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{FCAD48A6-2E24-4838-B206-C8451766EEB0}
[2011/11/07 17:50:12 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{E60C4053-CE9C-40A3-BC9B-14998FF4661C}
[2011/11/06 14:15:52 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{96B1CD51-DCC7-4C86-8729-0FE607986016}
[2011/11/06 14:15:41 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{25F65A2B-A947-4275-9169-B5FF23E26A2F}
========== Files - Modified Within 30 Days ==========
[2011/12/05 01:49:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2011/12/04 22:06:32 | 000,000,719 | ---- | M] () -- C:\Windows\SysWow64\msexcr.ini
[2011/12/04 18:00:02 | 111,394,062 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/12/04 17:59:37 | 000,064,418 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011/12/03 23:18:42 | 000,000,512 | ---- | M] () -- C:\Users\Brian\Desktop\MBR.dat
[2011/12/03 23:08:06 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Brian\Desktop\aswMBR.exe
[2011/12/02 20:00:23 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/02 20:00:23 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/02 19:52:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/02 19:52:42 | 3151,900,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/02 13:36:54 | 000,741,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/02 13:36:54 | 000,639,872 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/02 13:36:54 | 000,114,364 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/02 13:23:23 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/11/28 23:22:19 | 001,387,080 | ---- | M] () -- C:\Users\Brian\Documents\11282011454.JPG
[2011/11/27 20:00:45 | 000,300,063 | ---- | M] () -- C:\Users\Brian\Documents\IMG_27112011_195943.png
[2011/11/27 19:59:42 | 000,297,694 | ---- | M] () -- C:\Users\Brian\Documents\IMG_27112011_195905.png
[2011/11/27 18:07:22 | 003,595,435 | ---- | M] () -- C:\Users\Brian\Documents\calc seminar.tif
[2011/11/27 15:55:05 | 000,001,960 | ---- | M] () -- C:\Users\Brian\Documents\Attach.zip
[2011/11/27 14:38:07 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Brian\Desktop\dds.scr
[2011/11/22 18:52:10 | 000,002,142 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/11/22 18:51:57 | 000,001,229 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/11/22 17:36:21 | 000,438,702 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/11/22 17:21:03 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/11/22 17:20:58 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/11/22 17:20:58 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/11/20 13:16:46 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/11/20 13:16:46 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/11/17 16:15:19 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/11/10 03:24:35 | 000,285,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/10 02:28:36 | 000,438,443 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111122-173621.backup
========== Files Created - No Company Name ==========
[2011/12/04 22:06:31 | 000,000,719 | ---- | C] () -- C:\Windows\SysWow64\msexcr.ini
[2011/12/04 18:00:02 | 111,394,062 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/12/04 17:59:36 | 000,064,418 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011/12/03 23:18:42 | 000,000,512 | ---- | C] () -- C:\Users\Brian\Desktop\MBR.dat
[2011/11/28 23:21:50 | 001,387,080 | ---- | C] () -- C:\Users\Brian\Documents\11282011454.JPG
[2011/11/27 20:00:23 | 000,300,063 | ---- | C] () -- C:\Users\Brian\Documents\IMG_27112011_195943.png
[2011/11/27 19:59:12 | 000,297,694 | ---- | C] () -- C:\Users\Brian\Documents\IMG_27112011_195905.png
[2011/11/27 18:06:01 | 003,595,435 | ---- | C] () -- C:\Users\Brian\Documents\calc seminar.tif
[2011/11/27 15:55:05 | 000,001,960 | ---- | C] () -- C:\Users\Brian\Documents\Attach.zip
[2011/11/22 17:21:03 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/11/22 17:20:58 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/11/22 17:20:58 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/11/12 16:39:58 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/11/11 17:36:42 | 000,002,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Connect.lnk
[2011/10/22 16:41:39 | 000,000,034 | -H-- | C] () -- C:\Windows\SysWow64\Converter_sysquict.dat
[2011/10/22 16:41:20 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/10/22 16:41:18 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2011/10/22 16:41:18 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/10/22 16:41:18 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/10/22 16:41:18 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/09/05 23:55:34 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/08/20 12:58:29 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/08/20 12:58:29 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/08/17 12:41:00 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011/04/08 01:40:56 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/04/08 01:40:54 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/04/08 01:40:53 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2009/10/25 22:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/07/29 00:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/08 20:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003/09/23 07:14:42 | 001,099,264 | ---- | C] () -- C:\Windows\SysWow64\cygxml2-2.dll
[2003/08/10 09:59:20 | 000,980,992 | ---- | C] () -- C:\Windows\SysWow64\cygiconv-2.dll
[2003/08/08 19:28:16 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\cygz.dll
========== LOP Check ==========
[2011/11/09 18:59:38 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\.minecraft
[2011/08/17 12:49:09 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Asus WebStorage
[2011/11/22 17:21:59 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\AVG2012
[2011/11/18 20:01:12 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Dropbox
[2011/11/16 03:39:57 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\foobar2000
[2011/08/17 12:41:42 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Nuance
[2011/11/16 23:44:34 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\WinPatrol
[2011/08/17 12:41:40 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Zeon
[2009/07/14 00:08:49 | 000,026,902 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 12/5/2011 1:51:10 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Brian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.91 Gb Total Physical Memory | 2.38 Gb Available Physical Memory | 60.79% Memory free
8.18 Gb Paging File | 6.10 Gb Available in Paging File | 74.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186.30 Gb Total Space | 99.96 Gb Free Space | 53.66% Space Free | Partition Type: NTFS
Drive D: | 254.45 Gb Total Space | 254.24 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Computer Name: BRIAN-PC | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{5472B943-1C3F-46F9-91D1-C0E2FEE9ABFB}" = AVG 2012
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BEC69493-1732-4F85-B559-CC99CB30665C}" = AVG 2012
"{C788B026-20BD-4E96-B698-533F1D6C5013}" = 64 Bit HP CIO Components Installer
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AVG" = AVG 2012
"Elantech" = ETDWare PS/2-X64 8.0.5.0_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR 4.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{06F8CD93-C722-45E9-A9A4-F48F78E39E84}" = hppFaxUtilityCM1410
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF0EA0D-F945-4958-85CC-60FF1E86D216}" = HP LaserJet Professional CM1410 Series
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}" = HP LJ CM1410 MFP Series HP Scan
"{229D6185-BD7E-494B-A73B-C5215BE0690E}" = HPLJUT
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery
"{4006E354-3D24-49BA-A36F-7EB75D50D575}" = hppLaserJetService
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7FAB3316-11F4-44F3-8483-7278717496EC}" = hppTLBXFXCM1410
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92F91A05-8241-4651-B9F4-9D04EE1F2634}" = hppSendFaxCM1410
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3A18593-62BE-4AE1-AF3F-E35179CF042E}" = hpzTLBXFX
"{A82D0C46-EBDF-4B27-A731-D06EF2056E81}" = HP FWUpdateEDO3
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{C9C16E4B-4FDD-4A31-8B8F-EC402082407A}" = HPLaserJetHelp_LearnCenter
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D85A16FA-3408-4EEF-973F-05C1D23901B9}" = hppCM1410LaserJetService
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Shortcuts
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FFD7B2D9-AC9D-468C-83A2-21017A811623}" = hppFaxDrvCM1410
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ASUS K3 Series ScreenSaver" = ASUS K3 Series ScreenSaver
"ASUS WebStorage" = ASUS WebStorage
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"foobar2000" = foobar2000 v1.1.7
"Game Booster_is1" = Game Booster
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"MapleStory" = MapleStory
"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
"StarCraft II" = StarCraft II
"The KMPlayer" = The KMPlayer 3.0.0.1441R2
"Vindictus" = Vindictus
"WinLiveSuite" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10/27/2011 12:35:13 PM | Computer Name = Brian-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\Brian\Documents\Setups\SoftonicDownloader_for_kmplayer.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 11/3/2011 11:33:51 PM | Computer Name = Brian-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/3/2011 11:33:55 PM | Computer Name = Brian-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "c:\program files (x86)\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll".Error in manifest or policy
file "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll"
on line 2. Invalid Xml syntax.
Error - 11/5/2011 10:06:09 AM | Computer Name = Brian-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/9/2011 9:11:20 PM | Computer Name = Brian-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/10/2011 4:43:03 AM | Computer Name = Brian-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/11/2011 9:06:45 PM | Computer Name = Brian-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/12/2011 3:29:11 PM | Computer Name = Brian-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\Brian\Documents\Setups\SoftonicDownloader_for_kmplayer.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 11/12/2011 4:02:35 PM | Computer Name = Brian-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/12/2011 4:52:09 PM | Computer Name = Brian-PC | Source = Application Hang | ID = 1002
Description = The program msnmsgr.exe version 15.4.3538.513 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: bac Start
Time: 01cca16aeb27ef37 Termination Time: 1010 Application Path: C:\Program Files
(x86)\Windows Live\Messenger\msnmsgr.exe Report Id: 2adc4fd7-0d70-11e1-b54d-f46d043f6e95
[ System Events ]
Error - 11/19/2011 3:36:26 PM | Computer Name = Brian-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.
Error - 11/20/2011 2:18:35 PM | Computer Name = Brian-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.
Error - 11/21/2011 5:00:55 PM | Computer Name = Brian-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.
Error - 11/22/2011 5:24:29 PM | Computer Name = Brian-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.
Error - 11/22/2011 5:43:07 PM | Computer Name = Brian-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.
Error - 11/22/2011 7:52:23 PM | Computer Name = Brian-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.
Error - 11/23/2011 7:44:03 PM | Computer Name = Brian-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.
Error - 11/24/2011 4:01:18 AM | Computer Name = Brian-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack
1 Redistributable Package (KB2538243).
Error - 11/24/2011 6:10:19 PM | Computer Name = Brian-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.
Error - 11/26/2011 12:38:24 AM | Computer Name = Brian-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.
< End of report >
Yay, they both fit in one. =]
Hi SofaKingBad,
Please disable WinPatrol
Right click on the "Scotty Dog" icon in your system tray and select "Exit Program".
----------
Disable Spybot S-D Tea Timer
TeaTimer needs to be disabled so that its protection does not interfere with fixes.
TeaTimer can be re-enabled once the computer is clean. :)
1. Open Spybot-S&D in Advanced Mode.
2. If it is not already set to do this, go to the "Mode" menu and select "Advanced Mode".
3. On the left hand side, click on "Tools".
4. Then click on the Resident Icon in the List.
5. Uncheck "Resident TeaTimer" and OK any prompts.
6. Restart your computer.
----------
Please download ERUNT (http://www.snapfiles.com/get/erunt.html) (Emergency Recovery Utility NT). This program allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT, however, creates a complete backup set, including the Security hive and user-related sections. ERUNT is easy to use, and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed. **Remember, if you are using Windows Vista as your operating system, right-click the executable and select Run as Administrator.
----------
Run OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL:
:Services
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/tempcleaner/{59847B84-AB2A-4526-ACFA-958E2084E6E6}
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "http://www.basilmarket.com/"
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
[2011/12/04 18:12:19 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{D390DB2A-480D-4D97-AC84-6DF462A6F729}
[2011/12/04 18:11:50 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{C080BE68-6B76-4E15-8A58-0E1072325D3B}
[2011/12/02 20:29:12 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{5BD8EABC-DFC6-4251-9055-F95010F24A63}
[2011/12/02 20:28:52 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B9B28850-643B-4B68-852C-9B0030296F5E}
[2011/12/02 19:54:38 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B5F864D6-6628-445F-A0A7-8E0A41379EA8}
[2011/12/02 19:54:08 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{6313CBEF-FFF5-4835-8881-336AB28AA25F}
[2011/12/02 13:23:59 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{753F6FA5-162B-4EBB-9EE8-48AFA2DE7B4E}
[2011/12/01 19:41:33 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{E7A3C84D-CF47-4601-A370-40BC4E56711C}
[2011/11/30 23:02:53 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{0DFA6F47-BFFD-481F-84C4-ED5615E8B7DB}
[2011/11/30 23:02:33 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{4F99B9C9-7545-4117-911F-12F75E8F3C14}
[2011/11/28 22:19:05 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{88E9D963-B1C4-40C0-BA53-713BAE73BECD}
[2011/11/28 22:18:40 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{61801DFF-667C-4E03-8E03-F0D64DECBE5E}
[2011/11/27 14:21:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{4946FE1E-2EC2-4177-9B77-11398C979336}
[2011/11/27 14:20:52 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{33FD39EB-7F8B-452D-BBED-F35CC2738FC1}
[2011/11/27 02:20:20 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B9A3B3AA-D3DF-4ABB-B217-4BEDB82DE8E0}
[2011/11/27 02:19:51 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{150D51CF-8391-498E-AD33-092789BC1C3C}
[2011/11/26 14:19:19 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{0F04A4A3-F536-4196-9680-721FAE4B9220}
[2011/11/26 14:18:58 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{7C596655-A573-4D8E-98B2-7E396E704B34}
[2011/11/25 23:38:45 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B0092D95-D9E5-492C-89E6-0B47EDC1E429}
[2011/11/25 23:38:27 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{0D1C10C7-3759-456B-95E9-179EF90418B8}
[2011/11/24 17:10:36 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{E5CA75FC-3DE3-44E1-BC38-E97749D6DFE8}
[2011/11/24 17:10:06 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{ADD1B18F-D060-4436-A0D5-B05C19576240}
[2011/11/23 18:44:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{1E02DC52-D800-4A83-96B5-34499C7E3AA4}
[2011/11/23 18:44:03 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{2A958134-F8AF-461F-BC75-3BEC3E312FC8}
[2011/11/22 16:24:54 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{EC9CC3CB-E793-49A6-90BB-71712D4012CA}
[2011/11/22 16:24:37 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B6A7D7F7-AE12-4FB2-9AD4-6EFAA61E19A0}
[2011/11/21 16:01:28 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{1825E418-EAB1-40E3-8AC7-AB86E6A4AABC}
[2011/11/21 16:00:59 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{C073F86B-BE15-49FD-9E3C-43EC24702594}
[2011/11/21 01:19:43 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{06057F8B-1315-4B6C-A3FB-2AEBFB1385B7}
[2011/11/21 01:19:25 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{1C180720-6066-4115-AEA5-D64E0BC0D670}
[2011/11/20 13:19:01 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{1DA03A28-D880-44B0-9DB5-1F1564AE76F8}
[2011/11/20 13:18:43 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{73224B6A-B1EA-45E1-8881-2EFDBB41F214}
[2011/11/19 14:36:58 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{21259249-CA0D-417C-93BD-15BB38652339}
[2011/11/19 14:36:41 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{170E1A69-D3A3-4F1D-8448-17DA561D699E}
[2011/11/18 19:36:03 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{11F10860-077F-42FB-AC2C-55F66D5104ED}
[2011/11/18 19:35:45 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{D0C1B352-0249-47D1-ABC7-4C93D1633C2C}
[2011/11/17 16:15:34 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{774B1385-A7B1-47E0-8C8B-3C8F37AFAA17}
[2011/11/17 16:15:16 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{F0CEB201-DA2D-49E5-B114-4CAE24777A98}
[2011/11/16 16:45:07 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{BF31B640-F094-4959-9A8E-03843321E1CB}
[2011/11/16 16:44:49 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{4FD6CE5D-8EBA-4A45-A543-864A72D28C34}
[2011/11/15 19:54:54 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{11AAC489-61C6-427A-AD07-8D213BC26BBD}
[2011/11/15 19:54:26 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{C806CB19-BACA-4A8F-BF2E-F9C17D90470D}
[2011/11/15 07:53:55 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{EA1C67E9-6928-4BFE-BB0F-C8586C944711}
[2011/11/15 07:53:27 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{0DA1EC25-9039-4606-B0CC-D5E7B83EF361}
[2011/11/14 17:52:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{74ECD097-46AC-44F2-BB17-10A5806D48AD}
[2011/11/14 17:52:03 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{54A860EB-BEF6-4F3D-89A1-12BD0CCAEE32}
[2011/11/13 14:54:40 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{7393D8B1-D1E2-40F3-9067-FC7AF383F45C}
[2011/11/13 14:54:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{5B16B176-1434-4935-820C-8C7A93CE4D86}
[2011/11/12 16:42:04 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{27BAF616-D62D-46A7-B25B-2CF1E2126E41}
[2011/11/12 16:41:47 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{FF88784E-0D76-4FA9-8E92-E0397D1C710E}
[2011/11/12 13:43:38 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{7162C5A1-127A-47C9-97F7-1E6566A30F7D}
[2011/11/12 13:43:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{24752C6B-63EE-4B3F-84D6-6A82A6178284}
[2011/11/11 16:27:38 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{936BFFB2-C316-4A92-A712-A11D641D5D1F}
[2011/11/10 22:03:44 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{931A3F90-8691-4944-99B4-A0133752288D}
[2011/11/10 22:03:33 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{62418B86-FDAC-4CBB-90C1-9BFA8F8A47C7}
[2011/11/10 07:52:12 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{36E7A0BD-FA97-4B14-9254-9F33323B03C4}
[2011/11/09 16:10:11 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{D3ED0CDE-8831-44B0-8560-586363CFCB4F}
[2011/11/09 16:09:54 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{9D8A5233-7F1C-42CB-A185-CC85E19E845A}
[2011/11/08 15:58:32 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{41668E1D-5483-42F2-92C4-6269F3B5EAEC}
[2011/11/08 15:58:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{17B8DA52-A826-4874-9EDA-264F1FE41F64}
[2011/11/07 17:50:23 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{FCAD48A6-2E24-4838-B206-C8451766EEB0}
[2011/11/07 17:50:12 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{E60C4053-CE9C-40A3-BC9B-14998FF4661C}
[2011/11/06 14:15:52 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{96B1CD51-DCC7-4C86-8729-0FE607986016}
[2011/11/06 14:15:41 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{25F65A2B-A947-4275-9169-B5FF23E26A2F}
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptyflash]
[emptyjava]
[clearallrestorepoints]
[resethosts]
[emptytemp]
[start explorer]
[Reboot]
Then click the Run Fix button at the top.
Let the program run unhindered. There will be a log created when it completes that I will need in your next reply. Reboot when it is done.
Then run a new scan and post a new OTL log (don't check the boxes beside LOP Check or Purity this time).
SofaKingBad
2011-12-06, 01:20
Hmmm, stuff seems to load faster now, even Firefox. Here's the log you wanted.
All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "Search" removed from browser.search.selectedEngine
Prefs.js: "http://www.basilmarket.com/" removed from browser.startup.homepage
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
C:\Users\Brian\AppData\Local\{D390DB2A-480D-4D97-AC84-6DF462A6F729} folder moved successfully.
C:\Users\Brian\AppData\Local\{C080BE68-6B76-4E15-8A58-0E1072325D3B} folder moved successfully.
C:\Users\Brian\AppData\Local\{5BD8EABC-DFC6-4251-9055-F95010F24A63} folder moved successfully.
C:\Users\Brian\AppData\Local\{B9B28850-643B-4B68-852C-9B0030296F5E} folder moved successfully.
C:\Users\Brian\AppData\Local\{B5F864D6-6628-445F-A0A7-8E0A41379EA8} folder moved successfully.
C:\Users\Brian\AppData\Local\{6313CBEF-FFF5-4835-8881-336AB28AA25F} folder moved successfully.
C:\Users\Brian\AppData\Local\{753F6FA5-162B-4EBB-9EE8-48AFA2DE7B4E} folder moved successfully.
C:\Users\Brian\AppData\Local\{E7A3C84D-CF47-4601-A370-40BC4E56711C} folder moved successfully.
C:\Users\Brian\AppData\Local\{0DFA6F47-BFFD-481F-84C4-ED5615E8B7DB} folder moved successfully.
C:\Users\Brian\AppData\Local\{4F99B9C9-7545-4117-911F-12F75E8F3C14} folder moved successfully.
C:\Users\Brian\AppData\Local\{88E9D963-B1C4-40C0-BA53-713BAE73BECD} folder moved successfully.
C:\Users\Brian\AppData\Local\{61801DFF-667C-4E03-8E03-F0D64DECBE5E} folder moved successfully.
C:\Users\Brian\AppData\Local\{4946FE1E-2EC2-4177-9B77-11398C979336} folder moved successfully.
C:\Users\Brian\AppData\Local\{33FD39EB-7F8B-452D-BBED-F35CC2738FC1} folder moved successfully.
C:\Users\Brian\AppData\Local\{B9A3B3AA-D3DF-4ABB-B217-4BEDB82DE8E0} folder moved successfully.
C:\Users\Brian\AppData\Local\{150D51CF-8391-498E-AD33-092789BC1C3C} folder moved successfully.
C:\Users\Brian\AppData\Local\{0F04A4A3-F536-4196-9680-721FAE4B9220} folder moved successfully.
C:\Users\Brian\AppData\Local\{7C596655-A573-4D8E-98B2-7E396E704B34} folder moved successfully.
C:\Users\Brian\AppData\Local\{B0092D95-D9E5-492C-89E6-0B47EDC1E429} folder moved successfully.
C:\Users\Brian\AppData\Local\{0D1C10C7-3759-456B-95E9-179EF90418B8} folder moved successfully.
C:\Users\Brian\AppData\Local\{E5CA75FC-3DE3-44E1-BC38-E97749D6DFE8} folder moved successfully.
C:\Users\Brian\AppData\Local\{ADD1B18F-D060-4436-A0D5-B05C19576240} folder moved successfully.
C:\Users\Brian\AppData\Local\{1E02DC52-D800-4A83-96B5-34499C7E3AA4} folder moved successfully.
C:\Users\Brian\AppData\Local\{2A958134-F8AF-461F-BC75-3BEC3E312FC8} folder moved successfully.
C:\Users\Brian\AppData\Local\{EC9CC3CB-E793-49A6-90BB-71712D4012CA} folder moved successfully.
C:\Users\Brian\AppData\Local\{B6A7D7F7-AE12-4FB2-9AD4-6EFAA61E19A0} folder moved successfully.
C:\Users\Brian\AppData\Local\{1825E418-EAB1-40E3-8AC7-AB86E6A4AABC} folder moved successfully.
C:\Users\Brian\AppData\Local\{C073F86B-BE15-49FD-9E3C-43EC24702594} folder moved successfully.
C:\Users\Brian\AppData\Local\{06057F8B-1315-4B6C-A3FB-2AEBFB1385B7} folder moved successfully.
C:\Users\Brian\AppData\Local\{1C180720-6066-4115-AEA5-D64E0BC0D670} folder moved successfully.
C:\Users\Brian\AppData\Local\{1DA03A28-D880-44B0-9DB5-1F1564AE76F8} folder moved successfully.
C:\Users\Brian\AppData\Local\{73224B6A-B1EA-45E1-8881-2EFDBB41F214} folder moved successfully.
C:\Users\Brian\AppData\Local\{21259249-CA0D-417C-93BD-15BB38652339} folder moved successfully.
C:\Users\Brian\AppData\Local\{170E1A69-D3A3-4F1D-8448-17DA561D699E} folder moved successfully.
C:\Users\Brian\AppData\Local\{11F10860-077F-42FB-AC2C-55F66D5104ED} folder moved successfully.
C:\Users\Brian\AppData\Local\{D0C1B352-0249-47D1-ABC7-4C93D1633C2C} folder moved successfully.
C:\Users\Brian\AppData\Local\{774B1385-A7B1-47E0-8C8B-3C8F37AFAA17} folder moved successfully.
C:\Users\Brian\AppData\Local\{F0CEB201-DA2D-49E5-B114-4CAE24777A98} folder moved successfully.
C:\Users\Brian\AppData\Local\{BF31B640-F094-4959-9A8E-03843321E1CB} folder moved successfully.
C:\Users\Brian\AppData\Local\{4FD6CE5D-8EBA-4A45-A543-864A72D28C34} folder moved successfully.
C:\Users\Brian\AppData\Local\{11AAC489-61C6-427A-AD07-8D213BC26BBD} folder moved successfully.
C:\Users\Brian\AppData\Local\{C806CB19-BACA-4A8F-BF2E-F9C17D90470D} folder moved successfully.
C:\Users\Brian\AppData\Local\{EA1C67E9-6928-4BFE-BB0F-C8586C944711} folder moved successfully.
C:\Users\Brian\AppData\Local\{0DA1EC25-9039-4606-B0CC-D5E7B83EF361} folder moved successfully.
C:\Users\Brian\AppData\Local\{74ECD097-46AC-44F2-BB17-10A5806D48AD} folder moved successfully.
C:\Users\Brian\AppData\Local\{54A860EB-BEF6-4F3D-89A1-12BD0CCAEE32} folder moved successfully.
C:\Users\Brian\AppData\Local\{7393D8B1-D1E2-40F3-9067-FC7AF383F45C} folder moved successfully.
C:\Users\Brian\AppData\Local\{5B16B176-1434-4935-820C-8C7A93CE4D86} folder moved successfully.
C:\Users\Brian\AppData\Local\{27BAF616-D62D-46A7-B25B-2CF1E2126E41} folder moved successfully.
C:\Users\Brian\AppData\Local\{FF88784E-0D76-4FA9-8E92-E0397D1C710E} folder moved successfully.
C:\Users\Brian\AppData\Local\{7162C5A1-127A-47C9-97F7-1E6566A30F7D} folder moved successfully.
C:\Users\Brian\AppData\Local\{24752C6B-63EE-4B3F-84D6-6A82A6178284} folder moved successfully.
C:\Users\Brian\AppData\Local\{936BFFB2-C316-4A92-A712-A11D641D5D1F} folder moved successfully.
C:\Users\Brian\AppData\Local\{931A3F90-8691-4944-99B4-A0133752288D} folder moved successfully.
C:\Users\Brian\AppData\Local\{62418B86-FDAC-4CBB-90C1-9BFA8F8A47C7} folder moved successfully.
C:\Users\Brian\AppData\Local\{36E7A0BD-FA97-4B14-9254-9F33323B03C4} folder moved successfully.
C:\Users\Brian\AppData\Local\{D3ED0CDE-8831-44B0-8560-586363CFCB4F} folder moved successfully.
C:\Users\Brian\AppData\Local\{9D8A5233-7F1C-42CB-A185-CC85E19E845A} folder moved successfully.
C:\Users\Brian\AppData\Local\{41668E1D-5483-42F2-92C4-6269F3B5EAEC} folder moved successfully.
C:\Users\Brian\AppData\Local\{17B8DA52-A826-4874-9EDA-264F1FE41F64} folder moved successfully.
C:\Users\Brian\AppData\Local\{FCAD48A6-2E24-4838-B206-C8451766EEB0} folder moved successfully.
C:\Users\Brian\AppData\Local\{E60C4053-CE9C-40A3-BC9B-14998FF4661C} folder moved successfully.
C:\Users\Brian\AppData\Local\{96B1CD51-DCC7-4C86-8729-0FE607986016} folder moved successfully.
C:\Users\Brian\AppData\Local\{25F65A2B-A947-4275-9169-B5FF23E26A2F} folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Brian\Desktop\cmd.bat deleted successfully.
C:\Users\Brian\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Brian
->Flash cache emptied: 107892 bytes
User: Default
User: Default User
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0.00 mb
[EMPTYJAVA]
User: All Users
User: Brian
->Java cache emptied: 0 bytes
User: Default
User: Default User
User: Public
User: UpdatusUser
Total Java Files Cleaned = 0.00 mb
Restore point Set: OTL Restore Point
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Brian
->Temp folder emptied: 73249124 bytes
->Temporary Internet Files folder emptied: 50284474 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 1078168596 bytes
->Flash cache emptied: 0 bytes
User: Default
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2058364 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 24140177 bytes
Total Files Cleaned = 1,171.00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 12052011_180437
Files\Folders moved on Reboot...
C:\Users\Brian\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
Thanks again!
Hi SofaKingBad,
I see that you have Malwarebytes on your system. Please open Malwarebytes, update it and then run a Quick Scan. Please save the log that is created for your next reply.
----------
ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan
Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.
Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan (http://eset.com/onlinescan)
Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png
Click the Start button.
Accept any security warnings from your browser.
Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png
Make sure that the option "Remove found threats" is Unchecked
Push the Start button.
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png
Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Push the Back button.
Push Finish
http://www.eset.com/onlinescan/
----------
In your next reply please post the logs created by Malwarebytes and ESET online scanner. :)
SofaKingBad
2011-12-07, 00:42
Okay, here is the log. However, the ESET Online Scan didn't visually say that it produced any logs, would that be a problem? All I got was this screen.
http://img10.imageshack.us/img10/1266/83904819.png (http://imageshack.us/photo/my-images/10/83904819.png/)
And then by digging into my C Drive, I found this. Is this what's needed?
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=0af932c89a9f784cbbc669e315f99723
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-06 05:50:29
# local_time=2011-12-06 12:50:29 (-0500, Eastern Standard Time)
# country="Canada"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 1063015 1063015 0 0
# compatibility_mode=5893 16776574 100 94 1062892 74689633 0 0
# compatibility_mode=6912 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=119870
# found=0
# cleaned=0
# scan_time=4446
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=0af932c89a9f784cbbc669e315f99723
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-06 10:10:29
# local_time=2011-12-06 05:10:29 (-0500, Eastern Standard Time)
# country="Canada"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 1122524 1122524 0 0
# compatibility_mode=5893 16776574 100 94 1122401 74749142 0 0
# compatibility_mode=6912 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=120898
# found=0
# cleaned=0
# scan_time=3737
Anyways, here is the Malwarebytes log.
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8320
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
05/12/2011 11:30:55 PM
mbam-log-2011-12-05 (23-30-55).txt
Scan type: Quick scan
Objects scanned: 181915
Time elapsed: 3 minute(s), 19 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Hi SKB,
Thanks for those logs. If there is nothing found by ESET then there is no log created. :)
Please download JavaRa (http://raproducts.org/click/click.php?id=1) to your desktop and unzip it to its own folder.
Run JavaRa.exe (double-click for XP/right-click and Run as Administrator for Vista), pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe (double-click for XP/right-click and Run as Administrator for Vista) again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.
----------
Once that is completed please run DDS once more and post both of the logs into your next reply and let me know how your system is running. :)
SofaKingBad
2011-12-08, 07:24
Hey Jeff! I think the problem lies not on my computer, but rather on MSN itself, cuz MSN still fails to run smoothly. It still takes about 3 minutes to get from the login screen to the contacts list. Also, after running JavaRa and looking at my Programs and Features, I still have the old Java 6 Update 29. Is this supposed to happen?
Anyways, here are the logs you asked for.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by Brian at 0:12:01 on 2011-12-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.4008.1959 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://www.bigseekpro.com/tempcleaner/{59847B84-AB2A-4526-ACFA-958E2084E6E6}
uDefault_Page_URL = hxxp://asus.msn.com
uSearch Bar =
mStart Page =
mLocal Page =
mWinlogon: Userinit=userinit.exe,
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
StartupFolder: C:\Users\Brian\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: DhcpNameServer = 64.71.255.198
TCP: Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC} : DhcpNameServer = 64.71.255.198
TCP: Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC}\2556C6967696F6E602445607162747D656E647 : DhcpNameServer = 10.1.0.5 10.1.0.84
TCP: Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC}\452554E444E65647635323 : DhcpNameServer = 192.168.10.1
TCP: Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC}\54E676C696378602445607162747D656E647 : DhcpNameServer = 10.1.0.5 10.1.0.84
TCP: Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC}\94E63707962756 : DhcpNameServer = 10.1.0.5 10.1.0.84
TCP: Interfaces\{5C7938AB-0FC6-4F8A-BCB9-4DEA9E577787} : DhcpNameServer = 10.1.0.5 10.1.0.84
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
AppInit_DLLs: c:\windows\syswow64\nvinit.dll
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun-x64: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
AppInit_DLLs-X64: c:\windows\syswow64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\67ki3v3h.default\
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-25 145920]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-10 2009704]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-8-17 1153368]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUVStor.sys --> C:\Windows\system32\Drivers\RtsUVStor.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-12-08 04:18:25 -------- d-----w- C:\Users\Brian\AppData\Local\{B4D998E6-FB5E-48CB-8B1B-5DB02383B8AF}
2011-12-08 04:18:04 -------- d-----w- C:\Users\Brian\AppData\Local\{786C09C6-9ADA-461E-A3B1-87A98AB8F287}
2011-12-08 04:17:08 627600 ----a-w- C:\Windows\System32\deployJava1.dll
2011-12-08 02:33:09 -------- d-----w- C:\Users\Brian\AppData\Local\{2AC83BC6-A1CF-4A9D-A2F1-EF3D49061779}
2011-12-06 21:03:38 -------- d-----w- C:\Users\Brian\AppData\Local\{87E6DEE0-5A66-4B6C-A1E7-0C6FDB00DBC3}
2011-12-06 21:03:20 -------- d-----w- C:\Users\Brian\AppData\Local\{792668E5-37B8-4311-962C-24E5D4AB14CE}
2011-12-06 14:21:46 -------- d-----w- C:\Users\Brian\AppData\Local\{DF57A85F-B3DA-4220-B388-AE340E1205EB}
2011-12-06 04:32:38 -------- d-----w- C:\Program Files (x86)\ESET
2011-12-05 23:19:08 -------- d-----w- C:\Users\Brian\AppData\Local\{49D240CA-E2C0-49AB-B07F-BB1549D133CF}
2011-12-05 23:04:37 -------- d-----w- C:\_OTL
2011-12-05 23:02:29 -------- d-----w- C:\Users\Brian\AppData\Local\{EB39040D-AD7A-4651-A7A9-6CA6F0E5C331}
2011-12-05 17:23:35 -------- d-----w- C:\Users\Brian\AppData\Local\{96920B75-9D35-456F-8D47-FC8F967856E7}
2011-12-05 15:35:39 -------- d-----w- C:\Users\Brian\AppData\Local\{1DC7C932-1CE6-4C02-AE29-963D581445BA}
2011-12-05 14:15:19 -------- d-----w- C:\Users\Brian\AppData\Local\{9F3A1D8B-5F12-4EA2-AFE6-3E04748E3839}
2011-12-05 14:10:34 -------- d-sh--w- C:\found.000
2011-11-22 22:21:59 -------- d-----w- C:\Users\Brian\AppData\Roaming\AVG2012
2011-11-22 22:20:58 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-11-22 22:20:18 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-11-22 22:20:18 -------- d-----w- C:\ProgramData\AVG2012
2011-11-22 22:19:28 -------- d-----w- C:\Program Files (x86)\AVG
2011-11-22 22:14:58 -------- d--h--w- C:\ProgramData\Common Files
2011-11-22 22:14:48 -------- d-----w- C:\ProgramData\MFAData
2011-11-22 21:28:41 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4F84BE66-7A49-4693-A89E-758C29EB87F6}\mpengine.dll
2011-11-17 04:44:34 -------- d-----w- C:\Users\Brian\AppData\Roaming\WinPatrol
2011-11-17 04:44:29 -------- d-----w- C:\ProgramData\InstallMate
2011-11-17 04:44:29 -------- d-----w- C:\Program Files (x86)\BillP Studios
2011-11-12 21:37:47 -------- d-----w- C:\Windows\PCHEALTH
2011-11-11 22:36:37 -------- d-----w- C:\Program Files (x86)\Cisco Systems
2011-11-11 22:35:48 -------- d-----w- C:\ProgramData\Cisco Systems
2011-11-09 21:17:33 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 21:17:33 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 21:17:32 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-09 21:17:31 3144704 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2011-12-08 04:54:05 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2011-11-17 21:15:19 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-04 01:48:41 608 --sha-w- C:\Windows\System32\winzvprt5.sys
2011-10-21 22:41:32 510232 ----a-w- C:\Windows\System32\igfxsrvc.exe
2011-10-21 22:41:32 167704 ----a-w- C:\Windows\System32\igfxtray.exe
2011-10-21 22:41:30 416024 ----a-w- C:\Windows\System32\igfxpers.exe
2011-10-21 22:41:28 239896 ----a-w- C:\Windows\System32\igfxext.exe
2011-10-21 22:41:26 392472 ----a-w- C:\Windows\System32\hkcmd.exe
2011-10-21 22:41:24 4378392 ----a-w- C:\Windows\System32\GfxUI.exe
2011-10-21 22:41:24 184600 ----a-w- C:\Windows\System32\difx64.exe
2011-10-21 22:36:12 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2559.dll
2011-10-21 22:30:04 8313856 ----a-w- C:\Windows\System32\igdumd64.dll
2011-10-21 22:30:04 12310112 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
2011-10-21 22:27:54 963116 ----a-w- C:\Windows\SysWow64\igkrng600.bin
2011-10-21 22:27:54 963116 ----a-w- C:\Windows\System32\igkrng600.bin
2011-10-21 22:27:54 217536 ----a-w- C:\Windows\SysWow64\igfcg600m.bin
2011-10-21 22:27:54 217536 ----a-w- C:\Windows\System32\igfcg600m.bin
2011-10-21 22:27:48 75776 ----a-w- C:\Windows\System32\igdde64.dll
2011-10-21 22:25:02 6323712 ----a-w- C:\Windows\SysWow64\igdumd32.dll
2011-10-21 22:22:54 56832 ----a-w- C:\Windows\SysWow64\igdde32.dll
2011-10-21 22:21:44 581120 ----a-w- C:\Windows\SysWow64\igdumdx32.dll
2011-10-21 22:19:24 14592512 ----a-w- C:\Windows\System32\igd10umd64.dll
2011-10-21 22:13:56 12340224 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2011-10-21 22:08:10 18651648 ----a-w- C:\Windows\System32\ig4icd64.dll
2011-10-21 22:03:04 13903872 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2011-10-21 21:58:58 286720 ----a-w- C:\Windows\System32\igfxrnld.lrc
2011-10-21 21:58:58 286720 ----a-w- C:\Windows\System32\igfxrcsy.lrc
2011-10-21 21:58:58 285696 ----a-w- C:\Windows\System32\igfxrdan.lrc
2011-10-21 21:58:56 285184 ----a-w- C:\Windows\System32\igfxrara.lrc
2011-10-21 21:58:56 282624 ----a-w- C:\Windows\System32\igfxrcht.lrc
2011-10-21 21:58:56 282624 ----a-w- C:\Windows\System32\igfxrchs.lrc
2011-10-21 21:58:54 126976 ----a-w- C:\Windows\System32\igfxcpl.cpl
2011-10-21 21:58:24 375808 ----a-w- C:\Windows\System32\igfxpph.dll
2011-10-21 21:58:20 378368 ----a-w- C:\Windows\System32\igfxTMM.dll
2011-10-21 21:58:14 28672 ----a-w- C:\Windows\System32\igfxexps.dll
2011-10-21 21:57:58 62464 ----a-w- C:\Windows\System32\igfxsrvc.dll
2011-10-21 21:57:24 110080 ----a-w- C:\Windows\System32\hccutils.dll
2011-10-21 21:57:16 146432 ----a-w- C:\Windows\System32\gfxSrvc.dll
2011-10-21 21:57:14 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2011-10-21 21:57:14 390144 ----a-w- C:\Windows\System32\igfxdev.dll
2011-10-21 21:56:36 285696 ----a-w- C:\Windows\System32\igfxrenu.lrc
2011-10-21 21:56:30 9014784 ----a-w- C:\Windows\System32\igfxress.dll
2011-10-21 21:56:30 142336 ----a-w- C:\Windows\System32\igfxdo.dll
2011-10-21 21:52:52 24576 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2011-10-21 21:52:04 294400 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2011-10-21 21:50:00 98304 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
2011-10-21 21:50:00 98304 ----a-w- C:\Windows\System32\iglhcp64.dll
2011-10-21 21:50:00 376832 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
2011-10-21 21:50:00 376832 ----a-w- C:\Windows\System32\iglhsip64.dll
2011-10-21 21:50:00 2177536 ----a-w- C:\Windows\System32\igfxcmjit64.dll
2011-10-21 21:50:00 171520 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll
2011-10-21 21:50:00 1663488 ----a-w- C:\Windows\SysWow64\igfxcmjit32.dll
2011-10-21 21:50:00 148480 ----a-w- C:\Windows\System32\igfxcmrt64.dll
2011-10-07 11:23:46 283728 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2011-10-03 09:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-10-01 03:25:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:42:56 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-09-13 11:30:08 37456 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
.
============= FINISH: 0:12:22.83 ===============
Hi SofaKingBad,
I still have the old Java 6 Update 29. Is this supposed to happen?
Go ahead and go to your Control Panel >> Programs and Features and then just delete that.
-----------
Let's get another look with OTL. Please run another scan with OTL and then post the new log into your next reply. :)
SofaKingBad
2011-12-09, 23:43
Alright, I deleted the old Java. Here is the log you requested. =]
OTL logfile created on: 12/9/2011 1:56:20 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Brian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.91 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 58.74% Memory free
7.83 Gb Paging File | 5.64 Gb Available in Paging File | 72.10% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186.30 Gb Total Space | 97.29 Gb Free Space | 52.22% Space Free | Partition Type: NTFS
Drive D: | 254.45 Gb Total Space | 254.24 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Computer Name: BRIAN-PC | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Brian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\IObit\Game Booster\gbtray.exe (IObit)
PRC - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
PRC - C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6f2de1cb69aef1946760a70f355a3075\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\dd2070ee8e6e28ac8dc658404c50ebde\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\IObit\Game Booster\sqlite3.dll ()
MOD - C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll ()
MOD - C:\Program Files (x86)\HP\ToolboxFX\bin\NativeUtils.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (HP LaserJet Service) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/tempcleaner/{59847B84-AB2A-4526-ACFA-958E2084E6E6}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/11/22 17:21:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/10 02:25:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011/08/17 13:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Extensions
[2011/12/07 23:28:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\67ki3v3h.default\extensions
[2011/09/27 15:28:02 | 000,002,380 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\67ki3v3h.default\searchplugins\search.xml
[2011/12/08 19:27:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/22 17:21:02 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
() (No name found) -- C:\USERS\BRIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\67KI3V3H.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BRIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\67KI3V3H.DEFAULT\EXTENSIONS\{DD3D7613-0246-469D-BC65-2A3CC1668ADC}.XPI
[2011/11/10 02:25:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/10 02:25:06 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/10 02:25:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/12/05 18:05:39 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - Startup: C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC}: DhcpNameServer = 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C7938AB-0FC6-4F8A-BCB9-4DEA9E577787}: DhcpNameServer = 10.1.0.5 10.1.0.84
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - AppInit_DLLs: (c:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) -c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/08 19:24:06 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{E4AD1951-9DE8-4FCF-BC5D-15B79B30F9E6}
[2011/12/08 19:23:48 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{9BF9B1EE-63C1-412E-9A5F-4704A72A8595}
[2011/12/07 23:18:25 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B4D998E6-FB5E-48CB-8B1B-5DB02383B8AF}
[2011/12/07 23:18:04 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{786C09C6-9ADA-461E-A3B1-87A98AB8F287}
[2011/12/07 23:17:08 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2011/12/07 23:17:08 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2011/12/07 23:17:08 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2011/12/07 23:17:08 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2011/12/07 23:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/12/07 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\Brian\Desktop\Java
[2011/12/07 21:33:09 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{2AC83BC6-A1CF-4A9D-A2F1-EF3D49061779}
[2011/12/06 16:03:38 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{87E6DEE0-5A66-4B6C-A1E7-0C6FDB00DBC3}
[2011/12/06 16:03:20 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{792668E5-37B8-4311-962C-24E5D4AB14CE}
[2011/12/06 09:21:46 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{DF57A85F-B3DA-4220-B388-AE340E1205EB}
[2011/12/05 23:32:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/12/05 18:19:08 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{49D240CA-E2C0-49AB-B07F-BB1549D133CF}
[2011/12/05 18:04:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/05 18:03:19 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/12/05 18:02:29 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{EB39040D-AD7A-4651-A7A9-6CA6F0E5C331}
[2011/12/05 17:59:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/12/05 17:59:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011/12/05 12:23:35 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{96920B75-9D35-456F-8D47-FC8F967856E7}
[2011/12/05 10:35:39 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{1DC7C932-1CE6-4C02-AE29-963D581445BA}
[2011/12/05 09:15:19 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{9F3A1D8B-5F12-4EA2-AFE6-3E04748E3839}
[2011/12/05 09:10:34 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/12/05 01:49:14 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2011/12/03 23:08:05 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Brian\Desktop\aswMBR.exe
[2011/11/27 14:38:04 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Brian\Desktop\dds.scr
[2011/11/22 18:52:30 | 000,000,000 | ---D | C] -- C:\Users\Brian\Documents\PSP Games
[2011/11/22 18:19:03 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Google
[2011/11/22 17:21:59 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\AVG2012
[2011/11/22 17:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011/11/22 17:20:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2011/11/22 17:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/11/22 17:20:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2011/11/22 17:19:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2011/11/22 17:14:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/11/22 17:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/11/17 16:15:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/11/16 23:44:34 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\WinPatrol
[2011/11/16 23:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2011/11/16 23:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2011/11/16 23:44:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2011/11/12 16:37:47 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/11/11 17:36:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2011/11/11 17:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco Systems
========== Files - Modified Within 30 Days ==========
[2011/12/09 13:57:16 | 000,741,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/09 13:57:16 | 000,639,872 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/09 13:57:16 | 000,114,364 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/09 13:53:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/09 08:34:34 | 111,718,544 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/12/08 19:30:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/08 19:30:26 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/08 19:21:16 | 3151,900,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/08 00:17:06 | 000,002,260 | ---- | M] () -- C:\Users\Brian\Desktop\Attach.zip
[2011/12/07 23:54:05 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/12/07 23:17:01 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2011/12/07 23:17:01 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2011/12/07 23:17:01 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2011/12/07 23:17:01 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2011/12/06 18:32:00 | 000,065,457 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011/12/05 19:13:09 | 000,553,414 | ---- | M] () -- C:\Users\Brian\Documents\IMG_05122011_191046.png
[2011/12/05 18:05:39 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/12/05 18:03:04 | 000,002,176 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/12/05 17:59:13 | 000,001,106 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/12/05 17:59:03 | 000,000,907 | ---- | M] () -- C:\Users\Brian\Desktop\ERUNT.lnk
[2011/12/05 01:49:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2011/12/03 23:18:42 | 000,000,512 | ---- | M] () -- C:\Users\Brian\Desktop\MBR.dat
[2011/12/03 23:08:06 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Brian\Desktop\aswMBR.exe
[2011/11/28 23:22:19 | 001,387,080 | ---- | M] () -- C:\Users\Brian\Documents\11282011454.JPG
[2011/11/27 14:38:07 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Brian\Desktop\dds.scr
[2011/11/22 18:51:57 | 000,001,229 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/11/22 17:21:03 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/11/22 17:20:58 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/11/22 17:20:58 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/11/20 13:16:46 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/11/20 13:16:46 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/11/17 16:15:19 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/11/10 03:24:35 | 000,285,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/10 02:28:36 | 000,438,443 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111122-173621.backup
========== Files Created - No Company Name ==========
[2011/12/09 08:34:34 | 111,718,544 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/12/08 00:17:06 | 000,002,260 | ---- | C] () -- C:\Users\Brian\Desktop\Attach.zip
[2011/12/06 18:32:00 | 000,065,457 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011/12/05 19:10:57 | 000,553,414 | ---- | C] () -- C:\Users\Brian\Documents\IMG_05122011_191046.png
[2011/12/05 17:59:13 | 000,001,106 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/12/05 17:59:03 | 000,000,907 | ---- | C] () -- C:\Users\Brian\Desktop\ERUNT.lnk
[2011/12/03 23:18:42 | 000,000,512 | ---- | C] () -- C:\Users\Brian\Desktop\MBR.dat
[2011/11/28 23:21:50 | 001,387,080 | ---- | C] () -- C:\Users\Brian\Documents\11282011454.JPG
[2011/11/22 17:21:03 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/11/22 17:20:58 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/11/22 17:20:58 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/11/12 16:39:58 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/11/11 17:36:42 | 000,002,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Connect.lnk
[2011/10/22 16:41:39 | 000,000,034 | -H-- | C] () -- C:\Windows\SysWow64\Converter_sysquict.dat
[2011/10/22 16:41:20 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/10/22 16:41:18 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2011/10/22 16:41:18 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/10/22 16:41:18 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/10/22 16:41:18 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/10/21 17:27:54 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/10/21 17:27:54 | 000,217,536 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/10/21 17:22:54 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/10/21 17:03:04 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/09/05 23:55:34 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/08/20 12:58:29 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/08/20 12:58:29 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/08/17 12:41:00 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011/04/08 01:40:53 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2009/10/25 22:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/07/29 00:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/08 20:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003/09/23 07:14:42 | 001,099,264 | ---- | C] () -- C:\Windows\SysWow64\cygxml2-2.dll
[2003/08/10 09:59:20 | 000,980,992 | ---- | C] () -- C:\Windows\SysWow64\cygiconv-2.dll
[2003/08/08 19:28:16 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\cygz.dll
< End of report >
Hi SofaKingBad,
Let's give this a try and see if it clears it up for you. You are presently running Internet Explorer 8. The most recent version is Internet Explorer 9. You can update that here (http://windows.microsoft.com/en-US/internet-explorer/products/ie/home).
-----------
Run OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL:
:Services
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/tempcleaner/{59847B84-AB2A-4526-ACFA-958E2084E6E6}
[2011/12/08 19:24:06 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{E4AD1951-9DE8-4FCF-BC5D-15B79B30F9E6}
[2011/12/08 19:23:48 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{9BF9B1EE-63C1-412E-9A5F-4704A72A8595}
[2011/12/07 23:18:25 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B4D998E6-FB5E-48CB-8B1B-5DB02383B8AF}
[2011/12/07 23:18:04 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{786C09C6-9ADA-461E-A3B1-87A98AB8F287}
[2011/12/07 21:33:09 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{2AC83BC6-A1CF-4A9D-A2F1-EF3D49061779}
[2011/12/06 16:03:38 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{87E6DEE0-5A66-4B6C-A1E7-0C6FDB00DBC3}
[2011/12/06 16:03:20 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{792668E5-37B8-4311-962C-24E5D4AB14CE}
[2011/12/06 09:21:46 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{DF57A85F-B3DA-4220-B388-AE340E1205EB}
[2011/12/05 18:19:08 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{49D240CA-E2C0-49AB-B07F-BB1549D133CF}
[2011/12/05 18:02:29 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{EB39040D-AD7A-4651-A7A9-6CA6F0E5C331}
[2011/12/05 12:23:35 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{96920B75-9D35-456F-8D47-FC8F967856E7}
[2011/12/05 10:35:39 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{1DC7C932-1CE6-4C02-AE29-963D581445BA}
[2011/12/05 09:15:19 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{9F3A1D8B-5F12-4EA2-AFE6-3E04748E3839}
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Then click the Run Fix button at the top.
Let the program run unhindered, and reboot when it is done.
Then run a new scan and post a new OTL log (don't check the boxes beside LOP Check or Purity this time).
SofaKingBad
2011-12-11, 23:00
Okay, I ran the custom fix, and this is the log that was produced after the scan.
OTL logfile created on: 12/11/2011 3:16:12 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Brian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.91 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 50.71% Memory free
7.83 Gb Paging File | 5.52 Gb Available in Paging File | 70.58% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186.30 Gb Total Space | 96.90 Gb Free Space | 52.01% Space Free | Partition Type: NTFS
Drive D: | 254.45 Gb Total Space | 254.24 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Computer Name: BRIAN-PC | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Brian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
PRC - C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6f2de1cb69aef1946760a70f355a3075\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\dd2070ee8e6e28ac8dc658404c50ebde\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll ()
MOD - C:\Program Files (x86)\HP\ToolboxFX\bin\NativeUtils.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (HP LaserJet Service) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/11/22 17:21:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/10 02:25:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011/08/17 13:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Extensions
[2011/12/07 23:28:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\67ki3v3h.default\extensions
[2011/09/27 15:28:02 | 000,002,380 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\67ki3v3h.default\searchplugins\search.xml
[2011/12/08 19:27:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/22 17:21:02 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
() (No name found) -- C:\USERS\BRIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\67KI3V3H.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BRIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\67KI3V3H.DEFAULT\EXTENSIONS\{DD3D7613-0246-469D-BC65-2A3CC1668ADC}.XPI
[2011/11/10 02:25:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/10 02:25:06 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/10 02:25:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/12/05 18:05:39 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - Startup: C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC}: DhcpNameServer = 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C7938AB-0FC6-4F8A-BCB9-4DEA9E577787}: DhcpNameServer = 10.1.0.5 10.1.0.84
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - AppInit_DLLs: (c:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) -c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/11 15:07:53 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{BDE8303D-4816-49FB-9A53-94D5D64816D0}
[2011/12/11 15:07:35 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{13F92F8B-CD59-40E7-8939-0ABA7DA10567}
[2011/12/07 23:17:08 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2011/12/07 23:17:08 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2011/12/07 23:17:08 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2011/12/07 23:17:08 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2011/12/07 23:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/12/07 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\Brian\Desktop\Java
[2011/12/05 23:32:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/12/05 18:04:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/05 18:03:19 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/12/05 17:59:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/12/05 17:59:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011/12/05 09:10:34 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/12/05 01:49:14 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2011/12/03 23:08:05 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Brian\Desktop\aswMBR.exe
[2011/11/27 14:38:04 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Brian\Desktop\dds.scr
[2011/11/22 18:52:30 | 000,000,000 | ---D | C] -- C:\Users\Brian\Documents\PSP Games
[2011/11/22 18:19:03 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Google
[2011/11/22 17:21:59 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\AVG2012
[2011/11/22 17:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011/11/22 17:20:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2011/11/22 17:20:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/11/22 17:20:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2011/11/22 17:19:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2011/11/22 17:14:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/11/22 17:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/11/17 16:15:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/11/16 23:44:34 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\WinPatrol
[2011/11/16 23:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2011/11/16 23:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2011/11/16 23:44:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2011/11/12 16:37:47 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/11/11 17:36:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2011/11/11 17:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco Systems
========== Files - Modified Within 30 Days ==========
[2011/12/11 15:13:52 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/12/11 15:13:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/11 15:13:21 | 3151,900,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/11 15:12:38 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/11 15:12:38 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/11 15:11:47 | 111,839,177 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/12/10 14:39:35 | 000,741,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/10 14:39:35 | 000,639,872 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/10 14:39:35 | 000,114,364 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/09 18:21:51 | 000,065,425 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011/12/07 23:17:01 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2011/12/07 23:17:01 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2011/12/07 23:17:01 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2011/12/07 23:17:01 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2011/12/05 19:13:09 | 000,553,414 | ---- | M] () -- C:\Users\Brian\Documents\IMG_05122011_191046.png
[2011/12/05 18:05:39 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/12/05 18:03:04 | 000,002,176 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/12/05 17:59:13 | 000,001,106 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/12/05 17:59:03 | 000,000,907 | ---- | M] () -- C:\Users\Brian\Desktop\ERUNT.lnk
[2011/12/05 01:49:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2011/12/03 23:18:42 | 000,000,512 | ---- | M] () -- C:\Users\Brian\Desktop\MBR.dat
[2011/12/03 23:08:06 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Brian\Desktop\aswMBR.exe
[2011/11/28 23:22:19 | 001,387,080 | ---- | M] () -- C:\Users\Brian\Documents\11282011454.JPG
[2011/11/27 14:38:07 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Brian\Desktop\dds.scr
[2011/11/22 18:51:57 | 000,001,229 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/11/22 17:21:03 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/11/22 17:20:58 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/11/22 17:20:58 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/11/20 13:16:46 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/11/20 13:16:46 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/11/17 16:15:19 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
========== Files Created - No Company Name ==========
[2011/12/11 15:11:47 | 111,839,177 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/12/09 18:21:51 | 000,065,425 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011/12/05 19:10:57 | 000,553,414 | ---- | C] () -- C:\Users\Brian\Documents\IMG_05122011_191046.png
[2011/12/05 17:59:13 | 000,001,106 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/12/05 17:59:03 | 000,000,907 | ---- | C] () -- C:\Users\Brian\Desktop\ERUNT.lnk
[2011/12/03 23:18:42 | 000,000,512 | ---- | C] () -- C:\Users\Brian\Desktop\MBR.dat
[2011/11/28 23:21:50 | 001,387,080 | ---- | C] () -- C:\Users\Brian\Documents\11282011454.JPG
[2011/11/22 17:21:03 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/11/22 17:20:58 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/11/22 17:20:58 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/11/12 16:39:58 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/11/11 17:36:42 | 000,002,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Connect.lnk
[2011/10/22 16:41:39 | 000,000,034 | -H-- | C] () -- C:\Windows\SysWow64\Converter_sysquict.dat
[2011/10/22 16:41:20 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/10/22 16:41:18 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2011/10/22 16:41:18 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/10/22 16:41:18 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/10/22 16:41:18 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/10/21 17:27:54 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/10/21 17:27:54 | 000,217,536 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/10/21 17:22:54 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/10/21 17:03:04 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/09/05 23:55:34 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/08/20 12:58:29 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/08/20 12:58:29 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/08/17 12:41:00 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011/04/08 01:40:53 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2009/10/25 22:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/07/29 00:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/08 20:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003/09/23 07:14:42 | 001,099,264 | ---- | C] () -- C:\Windows\SysWow64\cygxml2-2.dll
[2003/08/10 09:59:20 | 000,980,992 | ---- | C] () -- C:\Windows\SysWow64\cygiconv-2.dll
[2003/08/08 19:28:16 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\cygz.dll
< End of report >
Hi SofaKingBad,
I noticed that you still have Internet Explorer 8? Have you updated to IE9 yet?
How is everything running? Is MSN better?
SofaKingBad
2011-12-12, 00:26
Oh, I assumed that since I was using Firefox 8.0, I wouldn't need to upgrade IE8 to IE9. Should I do so anyways?
Hi,
Please yes do so. :) Internet Explorer is the browser that Windows is updated through. We certainly don't want an insecure browser downloading the updates for our operating system.
Are there still problems with MSN?
SofaKingBad
2011-12-14, 02:21
Okay, I updated my IE to IE9, but MSN still doesn't run. Anything to do at this point?
Hi SofaKingBad,
I don't see any malware on your system that is jumping out at me. Are you having any other issues with your computer other than MSN? I am going to keep looking around at what I can find. I will be back as quick as I can.
SofaKingBad
2011-12-15, 08:42
Hey Jeff,
My MSN still refuses to run. However, I can log in using the online messenger on Hotmail, so it's not my account that has this problem. I even reinstalled MSN today, and the same issue persists. If you could look into this, please do. Thanks. =]
Hi,
Ok... so I know what to look for, describe to me exactly what is going on with your MSN. How is the rest of your system behaving? Are you having any other problems?
SofaKingBad
2011-12-16, 01:28
The rest of my machine runs smoothly, without problems. It's only MSN, which is really strange. I open it, and it takes about... 2 minutes to get to the contacts list. MSN refuses to load up, like this...
[Attachment 8965]
And when it finally does load, I click on a contact, and it takes another 2 minutes or so to open it up. And when the screen finally shows up, it shows up at "Not Responding".
[Attachment 8966]
It takes another minute or so to actually work, and even then, really slowly. I've had to resort to Skype these past weeks. I really don't know what I can do now. =[
Sorry about the delay in response. I am getting with some colleagues about your problem with MSN.
Hi,
I am sorry about the delay in response. Have you tried to access MSN from another profile that is on this system by chance? If there is another profile see if that one is having the same problem and let me know. :)
SofaKingBad
2011-12-22, 00:57
Yeah, the same thing happens with my old MSN account. I'm pretty sure it's just my computer, since I can log in on other computers just fine.
Hi SofaKingBad,
Please run a new scan with OTL so I can take a look at a couple entries that may have changed since updating Internet Explorer. :)
SofaKingBad
2011-12-23, 02:34
Okay, I ran OTL and this is the log it produced. However, today when turning on the computer, I noticed something strange with my Start button. It gave me this looking screen.
[Attachment 9002]
Something seems wrong. Anyways, here is the log.
OTL logfile created on: 12/22/2011 7:29:55 PM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Brian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.91 Gb Total Physical Memory | 1.70 Gb Available Physical Memory | 43.49% Memory free
7.83 Gb Paging File | 5.13 Gb Available in Paging File | 65.54% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186.30 Gb Total Space | 94.00 Gb Free Space | 50.46% Space Free | Partition Type: NTFS
Drive D: | 254.45 Gb Total Space | 254.24 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Computer Name: BRIAN-PC | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Brian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
PRC - C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6f2de1cb69aef1946760a70f355a3075\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\dd2070ee8e6e28ac8dc658404c50ebde\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\680689b01ddb7fbe11478caf8cb71d3c\System.Runtime.Serialization.Formatters.Soap.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll ()
MOD - C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax ()
MOD - C:\Program Files (x86)\HP\ToolboxFX\bin\NativeUtils.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\Nuance\PDF Reader\bin\Plug-Ins\banner.zxt ()
MOD - C:\Program Files (x86)\Nuance\PDF Reader\bin\Plug-Ins\ZeonForm.zxt ()
MOD - C:\Program Files (x86)\Nuance\PDF Reader\bin\Plug-Ins\annot.zxt ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Nuance\PDF Reader\bin\Plug-Ins\ZDigSig.zxt ()
MOD - C:\Program Files (x86)\Nuance\PDF Reader\bin\Plug-Ins\PPKLite.zxt ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (HP LaserJet Service) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/12/22 19:26:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/10 02:25:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011/08/17 13:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Extensions
[2011/12/15 01:33:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\67ki3v3h.default\extensions
[2011/09/27 15:28:02 | 000,002,380 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\67ki3v3h.default\searchplugins\search.xml
[2011/12/08 19:27:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/12/22 19:26:30 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
() (No name found) -- C:\USERS\BRIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\67KI3V3H.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BRIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\67KI3V3H.DEFAULT\EXTENSIONS\{DD3D7613-0246-469D-BC65-2A3CC1668ADC}.XPI
[2011/11/10 02:25:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/10 02:25:06 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/10 02:25:06 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/12/05 18:05:39 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - Startup: C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26B50FD2-3950-420F-B692-426EC88221BC}: DhcpNameServer = 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C7938AB-0FC6-4F8A-BCB9-4DEA9E577787}: DhcpNameServer = 10.1.0.5 10.1.0.84
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - AppInit_DLLs: (c:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) -c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/22 19:26:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/12/21 17:56:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{45DE643C-E5F2-4A48-B1F2-7FFBA92CCAFE}
[2011/12/21 17:55:53 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{9DBD3CD9-71DA-4F5C-A86A-6B3E5FABE469}
[2011/12/20 18:34:01 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{63DF127E-6A0E-4D3B-8A22-42B248E123FC}
[2011/12/20 18:33:43 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{C43DA9A4-C220-442C-89F1-FB55C443B001}
[2011/12/19 20:02:07 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{889FDBF6-4DB0-462B-A165-C69029E2504A}
[2011/12/19 20:01:37 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{75218A6A-09D8-481D-8BAE-D4745812C5D5}
[2011/12/19 09:10:25 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{DEA829C9-8915-40A9-BCBB-04A26BC6FA84}
[2011/12/16 22:26:21 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{F28AAA8B-DF60-44EE-9AC9-035460D6B562}
[2011/12/16 22:26:04 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{B35D3CED-E075-472C-A5EE-E9DFC12C1274}
[2011/12/16 00:58:27 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2011/12/15 17:53:46 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{4C84BBF6-02D6-41BC-89DC-72C0B2099A6F}
[2011/12/15 17:53:13 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{7C837B11-472F-4429-A8B3-4B5231FC1433}
[2011/12/14 17:54:14 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{C1A65353-E218-4B18-9AB8-70833CC823F6}
[2011/12/14 17:53:56 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{69BC3DD6-603E-4146-8250-F1648ADAE00A}
[2011/12/14 17:49:09 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/12/14 17:49:08 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2011/12/14 17:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/12/14 17:48:51 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/12/13 18:56:58 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/12/13 18:56:58 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/13 18:56:58 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/13 18:56:58 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/12/13 18:56:58 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/12/13 18:56:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/13 18:56:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/13 18:56:58 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/12/13 18:56:58 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/12/13 18:56:58 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/12/13 18:56:58 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/12/13 18:56:58 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/12/13 18:56:58 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/12/13 18:56:58 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/12/13 18:56:58 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/12/13 18:56:58 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/12/13 18:56:58 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/12/13 18:56:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/12/13 18:56:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/12/13 18:56:58 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/12/13 18:56:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/12/13 18:56:58 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/12/13 18:56:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/12/13 18:56:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/12/13 18:56:57 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/12/13 18:56:57 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/13 18:56:57 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/13 18:56:57 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/12/13 18:56:57 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/12/13 18:56:57 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/12/13 18:56:57 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/12/13 18:56:57 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/12/13 18:56:57 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/13 18:56:57 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/13 18:56:57 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/12/13 18:56:57 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/12/13 18:56:57 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/12/13 18:56:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/12/13 18:56:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/12/13 18:56:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/12/13 18:56:57 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/12/13 18:56:57 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/12/13 18:56:57 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/12/13 18:56:57 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/12/13 18:56:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/12/13 18:56:57 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/12/13 18:56:57 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/12/13 18:56:57 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/12/13 18:56:57 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/12/13 18:56:57 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/12/13 18:56:57 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/12/13 18:56:57 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/12/13 18:56:57 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/12/13 18:56:57 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/12/13 18:56:57 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/12/13 18:56:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/12/13 18:56:57 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/13 18:56:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/12/13 18:56:57 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/12/13 18:56:57 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/12/13 18:56:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/12/13 18:56:57 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/12/13 18:56:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/12/13 18:56:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/12/13 18:56:56 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/13 18:56:56 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/13 18:56:56 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/12/13 18:56:56 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/12/13 18:56:56 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/12/13 18:56:56 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/12/13 18:56:56 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/13 18:56:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/12/13 18:42:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/13 18:42:27 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/13 18:42:27 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/13 18:33:24 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{47EF6C63-9621-41E0-8D57-51FA5AF6B377}
[2011/12/13 18:33:06 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{711714F6-86F9-4D77-9C1D-A2C615AE4AE7}
[2011/12/11 15:07:53 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{BDE8303D-4816-49FB-9A53-94D5D64816D0}
[2011/12/11 15:07:35 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\{13F92F8B-CD59-40E7-8939-0ABA7DA10567}
[2011/12/07 23:17:08 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2011/12/07 23:17:08 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2011/12/07 23:17:08 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2011/12/07 23:17:08 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2011/12/07 23:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/12/07 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\Brian\Desktop\Java
[2011/12/05 23:32:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/12/05 18:04:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/05 18:03:19 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/12/05 17:59:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011/12/05 17:59:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011/12/05 09:10:34 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/12/05 01:49:14 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2011/12/03 23:08:05 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Brian\Desktop\aswMBR.exe
[2011/11/27 14:38:04 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Brian\Desktop\dds.scr
========== Files - Modified Within 30 Days ==========
[2011/12/22 19:31:20 | 000,213,915 | ---- | M] () -- C:\Users\Brian\Desktop\1.png
[2011/12/22 19:26:31 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/12/22 19:23:41 | 084,969,900 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/12/22 19:23:15 | 000,128,835 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011/12/22 19:22:59 | 000,741,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/22 19:22:59 | 000,639,872 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/22 19:22:59 | 000,114,364 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/22 19:20:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/21 17:56:44 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/21 17:56:44 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/21 17:49:10 | 3151,900,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/20 23:26:12 | 000,000,081 | ---- | M] () -- C:\Users\Brian\Documents\PW.rar
[2011/12/19 09:09:46 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/12/13 19:13:47 | 000,001,439 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/13 19:12:37 | 000,285,208 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/13 18:56:58 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/12/13 18:56:58 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/13 18:56:58 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/13 18:56:58 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/12/13 18:56:58 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/12/13 18:56:58 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/13 18:56:58 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/13 18:56:58 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/12/13 18:56:58 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/12/13 18:56:58 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/12/13 18:56:58 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/12/13 18:56:58 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/12/13 18:56:58 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/12/13 18:56:58 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/12/13 18:56:58 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/12/13 18:56:58 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/12/13 18:56:58 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/12/13 18:56:58 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/12/13 18:56:58 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/13 18:56:58 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/12/13 18:56:58 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/12/13 18:56:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/12/13 18:56:58 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/12/13 18:56:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/12/13 18:56:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/12/13 18:56:57 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/12/13 18:56:57 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/13 18:56:57 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/13 18:56:57 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/12/13 18:56:57 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/12/13 18:56:57 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/12/13 18:56:57 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/12/13 18:56:57 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/12/13 18:56:57 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/13 18:56:57 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/13 18:56:57 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/12/13 18:56:57 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/12/13 18:56:57 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/12/13 18:56:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/12/13 18:56:57 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/12/13 18:56:57 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/12/13 18:56:57 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/12/13 18:56:57 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/12/13 18:56:57 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/12/13 18:56:57 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/12/13 18:56:57 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/12/13 18:56:57 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/12/13 18:56:57 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/12/13 18:56:57 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/12/13 18:56:57 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/12/13 18:56:57 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/12/13 18:56:57 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/12/13 18:56:57 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/12/13 18:56:57 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/12/13 18:56:57 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/12/13 18:56:57 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/12/13 18:56:57 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/12/13 18:56:57 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/13 18:56:57 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/13 18:56:57 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/12/13 18:56:57 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/12/13 18:56:57 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/12/13 18:56:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/12/13 18:56:57 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/12/13 18:56:57 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/12/13 18:56:57 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/12/13 18:56:56 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/13 18:56:56 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/13 18:56:56 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/12/13 18:56:56 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/12/13 18:56:56 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/12/13 18:56:56 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/12/13 18:56:56 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/13 18:56:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/12/07 23:17:01 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2011/12/07 23:17:01 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2011/12/07 23:17:01 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2011/12/07 23:17:01 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2011/12/05 19:13:09 | 000,553,414 | ---- | M] () -- C:\Users\Brian\Documents\IMG_05122011_191046.png
[2011/12/05 18:05:39 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/12/05 18:03:04 | 000,002,176 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/12/05 17:59:13 | 000,001,106 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/12/05 17:59:03 | 000,000,907 | ---- | M] () -- C:\Users\Brian\Desktop\ERUNT.lnk
[2011/12/05 01:49:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2011/12/03 23:18:42 | 000,000,512 | ---- | M] () -- C:\Users\Brian\Desktop\MBR.dat
[2011/12/03 23:08:06 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Brian\Desktop\aswMBR.exe
[2011/11/28 23:22:19 | 001,387,080 | ---- | M] () -- C:\Users\Brian\Documents\11282011454.JPG
[2011/11/27 14:38:07 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Brian\Desktop\dds.scr
========== Files Created - No Company Name ==========
[2011/12/22 19:31:20 | 000,213,915 | ---- | C] () -- C:\Users\Brian\Desktop\1.png
[2011/12/20 23:26:12 | 000,000,081 | ---- | C] () -- C:\Users\Brian\Documents\PW.rar
[2011/12/14 17:50:29 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/12/14 17:50:02 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/12/13 19:13:47 | 000,001,411 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/12/13 19:13:44 | 000,001,445 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/12/13 19:13:44 | 000,001,439 | ---- | C] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/13 18:56:58 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/13 18:56:57 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/05 19:10:57 | 000,553,414 | ---- | C] () -- C:\Users\Brian\Documents\IMG_05122011_191046.png
[2011/12/05 17:59:13 | 000,001,106 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011/12/05 17:59:03 | 000,000,907 | ---- | C] () -- C:\Users\Brian\Desktop\ERUNT.lnk
[2011/12/03 23:18:42 | 000,000,512 | ---- | C] () -- C:\Users\Brian\Desktop\MBR.dat
[2011/11/28 23:21:50 | 001,387,080 | ---- | C] () -- C:\Users\Brian\Documents\11282011454.JPG
[2011/10/22 16:41:39 | 000,000,034 | -H-- | C] () -- C:\Windows\SysWow64\Converter_sysquict.dat
[2011/10/22 16:41:20 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/10/22 16:41:18 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2011/10/22 16:41:18 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/10/22 16:41:18 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/10/22 16:41:18 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/10/21 17:27:54 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/10/21 17:27:54 | 000,217,536 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/10/21 17:22:54 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/10/21 17:03:04 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/09/05 23:55:34 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/08/20 12:58:29 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/08/20 12:58:29 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/08/17 12:41:00 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011/04/08 01:40:53 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2009/10/25 22:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/07/29 00:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/08 20:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2003/09/23 07:14:42 | 001,099,264 | ---- | C] () -- C:\Windows\SysWow64\cygxml2-2.dll
[2003/08/10 09:59:20 | 000,980,992 | ---- | C] () -- C:\Windows\SysWow64\cygiconv-2.dll
[2003/08/08 19:28:16 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\cygz.dll
< End of report >
Hi,
Do you have your Windows 7 CD or can you borrow one from a friend? If so, get it out as we may need this during the following steps:
Click on Start, type cmd in the Start Search bar.
Right click on Command Prompt at the top of the window and select Run as Administrator.
In the Command Prompt Window, type (or copy and paste) sfc /scannow and press Enter.
The scan may take some time, so be patient. Windows will repair any corrupted or missing files that it finds. If information from the installation CD is needed to repair the problem, you may be prompted to insert your Windows 7 CD.
Hi,
Do you still need help? :)
SofaKingBad
2011-12-27, 20:20
Sorry, I was on vacation for 3 days and forgot to tell you. I know for sure that my computer came with Windows 7 pre-installed; I only bought it in August. How would I get an installation CD?
Hi,
I hope you enjoyed your vacation. :)
---------
Go ahead and run sfc /scannow anyway. You may not need the disk at all.
SofaKingBad
2011-12-28, 22:50
Okay, I ran what you wanted me to, and got this screen.
What should I do with it now?
Hi SofaKingBad,
Let's run chkdsk.
Please go to Start >> in Start Search bar type in CMD >> when it populates above right-click and run as administrator and this will open the command prompt. In the command prompt type chkdsk /r and press Enter. If you are asked to set it to start on the next reboot select Yes. Reboot your system.
Let me know what the results are.
SofaKingBad
2011-12-31, 20:09
I ran the scan and went out for a bit, and when I came back my computer was already at the login screen. Does that mean there's nothing wrong with it, or do I have to monitor the scan as well?
Hi,
Happy New Year!
Please download HD Tune (http://www.hdtune.com/download.html) (the free version, not the trial), run an error scan on your primary hard drive (full, not quick) and report back if any blocks aren't green. It tests your hard drive for bad sectors.
Let me know if there are any bad sectors or if you can take a screen shot of the scan when it was finished.
SofaKingBad
2012-01-02, 01:11
Nope, there are no red (damaged) blocks. It's all good.
Hi SofaKingBad,
I hope your New Year's was nice. :)
------------
Run OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:Services
:OTL
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary...r.cab56986.cab (Checkers Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary...t.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary...r.cab56986.cab (Minesweeper Flags Class)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done
Then run a new scan and post a new OTL log (don't check the boxes beside LOP Check or Purity this time)
SofaKingBad
2012-01-02, 22:33
And yours too! =]
Okay, the fix ran successfully, and this is what came of it.
All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
Starting removal of ActiveX control {20A60F0D-9AFA-4515-A0FD-83BD84642501}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{20A60F0D-9AFA-4515-A0FD-83BD84642501}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{20A60F0D-9AFA-4515-A0FD-83BD84642501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20A60F0D-9AFA-4515-A0FD-83BD84642501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{20A60F0D-9AFA-4515-A0FD-83BD84642501}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20A60F0D-9AFA-4515-A0FD-83BD84642501}\ not found.
Starting removal of ActiveX control {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}\ not found.
Starting removal of ActiveX control {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Brian\Desktop\cmd.bat deleted successfully.
C:\Users\Brian\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Brian
->Temp folder emptied: 18612960 bytes
->Temporary Internet Files folder emptied: 10688354 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 1077265517 bytes
->Flash cache emptied: 1394707 bytes
User: Default
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 21232 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 1425731 bytes
Total Files Cleaned = 1,058.00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 01022012_152407
Files\Folders moved on Reboot...
C:\Users\Brian\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
Are you still having problems with your MSN?
SofaKingBad
2012-01-03, 06:25
Sadly. I'm getting the same screen as we started with. Is it possible that it's not my computer's problem, but with Windows Live Messenger?
Hi SofaKingBad,
As MSN seems to be the only problem and I don't see any malware issues in your logs, you might be better served by posting a new topic here (http://forums.whatthetech.com/index.php?showforum=119). You will need to register, it's free, and start a new topic. Please be sure to post the link to the topic here so that they can see what we have done.
The techs there are very knowledgeable and will be better able to help you with this problem than I am. You will be in exceptional hands there. :)
I will leave this topic open until you finish there. When you are done there come back and we will clean up our tools and I will give you some good computer security information.
Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.
If you are the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
----------