Jump to content

Argent

Members
  • Content Count

    13
  • Joined

  • Last visited

About Argent

  • Rank
    Member
  1. I deleted the 1st one with all of those empty folders. Every one of those was a virus that Avira or Anti-Malware cleared up, they just left the directories. As to the other, I can see it normally, but it does not show up when I use the list from the Virus Total site. Oh, also your Exterminate ran a full scan last night with 0 threats detected if that helps as well.
  2. Unless you see something in that wall of text I just added to our conversation I think you can close this out. I got exterminate to work finally, with 0 hits on the quick scan even. I was able to play a custom League of Legends game with normal fps. Still the same old crappy lag, but that is well documented from Riot. (Think you could fix them? That would be awesome because I miss playing League). After the laggy League game I moved to Counter-Strike and that worked like a champ. Thanks Juliet! +10000 cool points have been added to your account.
  3. I was talking about the dllhost.exe taking up all that memory, but I also read that this process could be memory intensive but that is crazy intensive especially since my computer was not doing anything. Anyway here is the print out from the latest utility: ComboFix 13-12-10.01 - Mike 12/10/2013 12:36:07.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4095.1892 [GMT -8:00] Running from: c:usersMikeDesktopComboFix.exe AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:programdata820117h0i710d867s425c6gdk4b1 c:programdataism_0_llatsni.pad c:programdataMicrosoftWindowsDRM7BDD.tmp c:programdataMicrosoftWindowsDRM7C1F.tmp c:usersMikeAppDataRoaminginst.exe c:windowsmsvcr71.dll . . ((((((((((((((((((((((((( Files Created from 2013-11-10 to 2013-12-10 ))))))))))))))))))))))))))))))) . . 2013-12-10 21:02 . 2013-12-10 21:02 69000 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{D9B3EE00-62EF-4FBD-8803-FA2C864857E1}offreg.dll 2013-12-10 21:00 . 2013-12-10 21:00 -------- d-----w- c:usersDefaultAppDataLocaltemp 2013-12-10 01:33 . 2013-12-10 01:33 -------- d-----w- c:windowsERUNT 2013-12-10 01:16 . 2013-12-10 01:20 -------- d-----w- C:AdwCleaner 2013-12-09 00:00 . 2013-09-20 18:49 21040 ----a-w- c:windowssystem32sdnclean64.exe 2013-12-08 23:59 . 2013-12-09 00:03 -------- d-----w- c:program files (x86)Spybot - Search & Destroy 2 2013-12-08 05:14 . 2013-12-08 05:14 -------- d-----w- c:windowsMigration 2013-12-02 03:08 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingOspiqud 2013-12-02 03:06 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingIvbiam 2013-12-02 03:05 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingYqguir 2013-12-02 03:05 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingAlfifeo 2013-12-02 03:03 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingMoseupu 2013-12-02 03:03 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingQaleuqc 2013-12-02 03:02 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingHiorofeh 2013-12-02 03:00 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingFaveoswi 2013-12-02 02:59 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingFelooni 2013-12-02 02:59 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingKaqeca 2013-12-02 02:58 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingXemyihl 2013-12-02 02:57 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingIkdiym 2013-12-02 02:56 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingEpabazz 2013-12-02 02:55 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingOmubkiy 2013-12-02 02:54 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingHigucu 2013-12-02 02:54 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingDeavgiq 2013-12-02 02:53 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingZipaxi 2013-12-02 02:51 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingReukyh 2013-12-02 02:51 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingRisiowvy 2013-12-02 02:50 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingNihepio 2013-12-02 02:49 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingOnabwe 2013-12-02 02:48 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingZyveixv 2013-12-02 02:47 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingCavyakk 2013-12-02 02:46 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingZeymozef 2013-12-02 02:45 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingIhozibo 2013-12-02 02:44 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingAgkyuv 2013-12-02 02:43 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingKapiaff 2013-12-02 02:42 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingGaihge 2013-12-02 02:41 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingLucyoca 2013-12-02 02:41 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingXeqeel 2013-12-02 02:40 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingEgfezaca 2013-12-02 02:39 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingOrowgys 2013-12-02 02:38 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingEnhaug 2013-12-02 02:37 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingYtyqylez 2013-12-02 02:36 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingLoiropq 2013-12-02 02:35 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingIlmyygqo 2013-12-02 02:34 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingXozedaf 2013-12-02 02:33 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingTegyel 2013-12-02 02:32 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingOgxizy 2013-12-02 02:31 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingOmkihet 2013-12-02 02:31 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingAwehga 2013-12-02 02:30 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingAsqaoheq 2013-12-02 02:29 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingNenyupax 2013-12-02 02:28 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingUgpyur 2013-12-02 02:27 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingWeohmih 2013-12-02 02:26 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingDanousis 2013-12-02 02:25 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingYcosahy 2013-12-02 02:24 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingUbfoifg 2013-12-02 02:23 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingArkaysxy 2013-12-02 02:22 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingEksucyto 2013-12-02 02:21 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingRabuku 2013-12-02 02:20 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingHoreyv 2013-12-02 02:18 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingEdfouk 2013-12-02 02:17 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingEdyblo 2013-12-02 02:16 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingAwqatoly 2013-12-02 02:14 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingEgvaby 2013-12-02 02:13 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingVoykip 2013-12-02 02:12 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingHokeyszi 2013-12-02 02:11 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingCyxosyb 2013-12-02 02:10 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingNaupuxn 2013-12-02 02:09 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingYzwein 2013-12-02 02:08 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingIzfukae 2013-12-02 02:07 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingZulubu 2013-12-02 02:06 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingNekoeqb 2013-12-02 02:04 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingEtudqyo 2013-12-02 02:02 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingUcohcyse 2013-12-02 02:00 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingEczies 2013-12-02 01:59 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingSuegordu 2013-12-02 01:58 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingUcafarur 2013-12-02 01:57 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingElufypu 2013-12-02 01:56 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingHeukozn 2013-12-02 01:55 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingZoigerob 2013-12-02 01:54 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingAhbeix 2013-12-02 01:53 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingCuywzai 2013-12-02 01:52 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingHyleoc 2013-12-02 01:51 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingBiqycugo 2013-12-02 01:50 . 2013-12-05 00:17 -------- d-----w- c:usersMikeAppDataRoamingOhysdyax 2013-12-02 01:50 . 2013-12-04 23:21 -------- d-----w- c:usersMikeAppDataRoamingWaqeevhy 2013-11-13 03:47 . 2013-10-05 20:25 1474048 ----a-w- c:windowssystem32crypt32.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-12-10 02:30 . 2011-12-24 14:38 45056 ----a-w- c:windowssystem32acovcnt.exe 2013-12-03 08:27 . 2013-06-09 03:49 107416 ----a-w- c:windowssystem32driversavgntflt.sys 2013-11-26 22:22 . 2013-06-09 03:51 83160 ----a-w- c:windowssystem32driversavnetflt.sys 2013-11-26 22:22 . 2013-06-09 03:49 28600 ----a-w- c:windowssystem32driversavkmgr.sys 2013-11-26 22:22 . 2013-06-09 03:49 132600 ----a-w- c:windowssystem32driversavipbb.sys 2013-11-20 03:21 . 2012-04-11 22:19 692616 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2013-11-20 03:21 . 2011-05-27 12:51 71048 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2013-11-08 00:00 . 2010-06-05 01:55 82896128 ----a-w- c:windowssystem32MRT.exe 2013-09-12 05:21 . 2013-09-12 05:21 863344 ----a-w- c:windowsSysWow64msvcr110_clr0400.dll 2013-09-12 05:21 . 2013-09-12 05:21 501872 ----a-w- c:windowsSysWow64msvcp110_clr0400.dll 2013-09-12 05:21 . 2013-09-12 05:21 28776 ----a-w- c:windowsSysWow64aspnet_counters.dll 2013-09-12 05:21 . 2013-09-12 05:21 18000 ----a-w- c:windowsSysWow64msvcr100_clr0400.dll 2013-09-12 03:39 . 2013-09-12 03:39 855664 ----a-w- c:windowssystem32msvcr110_clr0400.dll 2013-09-12 03:39 . 2013-09-12 03:39 614000 ----a-w- c:windowssystem32msvcp110_clr0400.dll 2013-09-12 03:39 . 2013-09-12 03:39 30312 ----a-w- c:windowssystem32aspnet_counters.dll 2013-09-12 03:39 . 2013-09-12 03:39 18000 ----a-w- c:windowssystem32msvcr100_clr0400.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "SDTray"="c:program files (x86)Spybot - Search & Destroy 2SDTray.exe" [2013-07-25 5624784] "avgnt"="c:program files (x86)AviraAntiVir Desktopavgnt.exe" [2013-11-26 683576] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolsession manager] BootExecute REG_MULTI_SZ autocheck autochk *00sdnclean64.exe . R1 MpKsle5a80500;MpKsle5a80500;c:windowssystem32MpEngineStoreMpKsle5a80500.sys;c:windowsSYSNATIVEMpEngineStoreMpKsle5a80500.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [x] R3 AmUStor;AM USB Stroage Driver;c:windowssystem32driversAmUStor.SYS;c:windowsSYSNATIVEdriversAmUStor.SYS [x] R3 Point64;Microsoft IntelliPoint Filter Driver;c:windowssystem32DRIVERSpoint64.sys;c:windowsSYSNATIVEDRIVERSpoint64.sys [x] R3 S3XXx64;SCR3xx USB SmartCardReader64;c:windowssystem32DRIVERSS3XXx64.sys;c:windowsSYSNATIVEDRIVERSS3XXx64.sys [x] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:windowssystem32DRIVERSSiSG664.sys;c:windowsSYSNATIVEDRIVERSSiSG664.sys [x] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys;c:windowsSYSNATIVEdriverstsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe;c:windowsSYSNATIVEWatWatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32DRIVERSwdcsam64.sys;c:windowsSYSNATIVEDRIVERSwdcsam64.sys [x] S0 sptd;sptd;c:windowsSystemRootSystem32Driverssptd.sys;c:windowsSystemRootSystem32Driverssptd.sys [x] S1 avkmgr;avkmgr;c:windowssystem32DRIVERSavkmgr.sys;c:windowsSYSNATIVEDRIVERSavkmgr.sys [x] S2 ac.sharedstore;ActivIdentity Shared Store Service;c:program filesCommon FilesActivIdentityac.sharedstore.exe;c:program filesCommon FilesActivIdentityac.sharedstore.exe [x] S2 AFBAgent;AFBAgent;c:windowssystem32FBAgent.exe;c:windowsSYSNATIVEFBAgent.exe [x] S2 AntiVirSchedulerService;Avira Scheduler;c:program files (x86)AviraAntiVir Desktopsched.exe;c:program files (x86)AviraAntiVir Desktopsched.exe [x] S2 ASMMAP64;ASMMAP64;c:program files (x86)ASUSATK PackageATKGFNEXASMMAP64.sys;c:program files (x86)ASUSATK PackageATKGFNEXASMMAP64.sys [x] S2 MBAMScheduler;MBAMScheduler;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe;c:program files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [x] S2 MBAMService;MBAMService;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe;c:program files (x86)Malwarebytes' Anti-Malwarembamservice.exe [x] S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:program files (x86)Spybot - Search & Destroy 2SDFSSvc.exe;c:program files (x86)Spybot - Search & Destroy 2SDFSSvc.exe [x] S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:program files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe;c:program files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe [x] S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:program files (x86)Spybot - Search & Destroy 2SDWSCSvc.exe;c:program files (x86)Spybot - Search & Destroy 2SDWSCSvc.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe;c:program files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [x] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:windowssystem32DRIVERSdtsoftbus01.sys;c:windowsSYSNATIVEDRIVERSdtsoftbus01.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:windowssystem32DRIVERSETD.sys;c:windowsSYSNATIVEDRIVERSETD.sys [x] S3 MBAMProtector;MBAMProtector;c:windowssystem32driversmbam.sys;c:windowsSYSNATIVEdriversmbam.sys [x] S3 pcouffin;VSO Software pcouffin;c:windowssystem32Driverspcouffin.sys;c:windowsSYSNATIVEDriverspcouffin.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:windowssystem32DRIVERSRt64win7.sys;c:windowsSYSNATIVEDRIVERSRt64win7.sys [x] S3 SPUVCbv;SPUVCb Driver Service;c:windowssystem32DriversSPUVCbv_x64.sys;c:windowsSYSNATIVEDriversSPUVCbv_x64.sys [x] S3 WSDScan;WSD Scan Support via UMB;c:windowssystem32driversWSDScan.sys;c:windowsSYSNATIVEdriversWSDScan.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionsvchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftactive setupinstalled components{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-12-09 03:36 1210320 ----a-w- c:program files (x86)GoogleChromeApplication31.0.1650.63Installerchrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-12-10 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-04-11 03:22] . 2013-12-10 c:windowsTasksGoogleUpdateTaskMachineCore.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2012-03-10 20:18] . 2013-12-10 c:windowsTasksGoogleUpdateTaskMachineUA.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2012-03-10 20:18] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersAsusWSShellExt_B] @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}" [HKEY_CLASSES_ROOTCLSID{6D4133E5-0742-4ADC-8A8C-9303440F7190}] 2009-11-26 05:49 70656 ----a-w- c:program files (x86)ASUSASUS WebStorageSERVICEAsusWSShellExt64.dll . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiersAsusWSShellExt_O] @="{64174815-8D98-4CE6-8646-4C039977D808}" [HKEY_CLASSES_ROOTCLSID{64174815-8D98-4CE6-8646-4C039977D808}] 2009-11-26 05:49 70656 ----a-w- c:program files (x86)ASUSASUS WebStorageSERVICEAsusWSShellExt64.dll . ------- Supplementary Scan ------- . uLocal Page = c:windowssystem32blank.htm mLocal Page = c:windowsSysWOW64blank.htm TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Toolbar-{8660E5B3-6C41-44DE-8503-98D99BBECD41} - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) Notify-SDWinLogon - SDWinLogon.dll HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file) AddRemove-PunkBusterSvc - c:windowssystem32pbsvc.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERSS-1-5-21-345118570-2158966208-1483405875-1001SoftwareSecuROMLicense information*] "datasecu"=hex:20,dc,04,a1,f6,8f,0b,ae,bb,3e,a2,62,3b,18,67,6c,14,16,0b,31,9d, 86,b1,ca,d7,62,d7,c0,fb,48,a2,c4,3c,3c,f5,03,a0,8c,6f,1c,71,56,e5,6e,18,a3, "rkeysecu"=hex:5e,03,37,21,ff,fe,e7,6b,54,a9,2d,04,89,4c,c2,11 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_9_900_152_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:Windowssystem32MacromedFlashFlashUtil64_11_9_900_152_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_9_900_152_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_9_900_152_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_9_900_152.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_9_900_152.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_9_900_152.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_9_900_152.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:program files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe c:program files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe c:program files (x86)AviraAntiVir Desktopavguard.exe c:windowsSysWOW64PnkBstrA.exe c:program files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe c:program files (x86)Malwarebytes' Anti-Malwarembamgui.exe c:program files (x86)ASUSControlDeckControlDeckStartUp.exe c:program files (x86)ASUSSmartLogonsensorsrv.exe . ************************************************************************** . Completion time: 2013-12-10 15:44:13 - machine was rebooted ComboFix-quarantined-files.txt 2013-12-10 23:44 . Pre-Run: 24,285,749,248 bytes free Post-Run: 25,330,450,432 bytes free . - - End Of File - - E905DED186CCDDBCDA9A16E9681C0FFB 5C616939100B85E558DA92B899A0FC36
  4. Do you want that other file as well? Also here is a screenie of my task manager with the offender working....
  5. DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 10.0.9200.16736Run by Mike at 18:14:15 on 2013-12-09#Option Extended Search is enabled.Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4095.1287 [GMT -8:00].AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}.============== Running Processes ===============.C:Windowssystem32lsm.exeC:Windowssystem32svchost.exe -k DcomLaunchC:Windowssystem32nvvsvc.exeC:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exeC:Windowssystem32svchost.exe -k RPCSSC:WindowsSystem32svchost.exe -k LocalServiceNetworkRestrictedC:WindowsSystem32svchost.exe -k LocalSystemNetworkRestrictedC:Windowssystem32svchost.exe -k LocalServiceC:Windowssystem32svchost.exe -k netsvcsC:Windowssystem32svchost.exe -k NetworkServiceC:Windowssystem32FBAgent.exeC:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exeC:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exeC:WindowsSystem32spoolsv.exeC:Program FilesCommon FilesActivIdentityac.sharedstore.exeC:Program FilesNVIDIA CorporationDisplaynvxdsync.exeC:Windowssystem32nvvsvc.exeC:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonationC:Program FilesActivIdentityActivClientacevents.exeC:Program Files (x86)AviraAntiVir Desktopsched.exeC:Windowssystem32svchost.exe -k LocalServiceNoNetworkC:Program Files (x86)AviraAntiVir Desktopavguard.exeC:WindowsSysWOW64svchost.exe -k hpdevmgmtC:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exeC:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exeC:WindowsSystem32svchost.exe -k HPZ12C:WindowsSystem32svchost.exe -k HPZ12C:WindowsSysWOW64PnkBstrA.exeC:Windowssystem32svchost.exe -k NetworkServiceNetworkRestrictedC:Program Files (x86)Spybot - Search & Destroy 2SDFSSvc.exeC:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exeC:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXEC:Program Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exeC:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exeC:Program Files (x86)AviraAntiVir Desktopavshadow.exeC:Program FilesWindows Media Playerwmpnetwk.exeC:Windowssystem32SearchIndexer.exeC:Windowssystem32taskhost.exeC:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exeC:Windowssystem32Dwm.exeC:Program Files (x86)ASUSATK PackageATK HotkeyHControl.exeC:Program Files (x86)ASUSATK PackageATK HotkeyATKOSD.exeC:Program Files (x86)ASUSATK PackageATK HotkeyKBFiltr.exeC:Program Files (x86)ASUSATK PackageATK HotkeyWDC.exeC:Program Files (x86)Spybot - Search & Destroy 2SDTray.exeC:Program Files (x86)AviraAntiVir Desktopavgnt.exeC:Windowssystem32taskeng.exeC:Windowssystem32taskeng.exeC:Program Files (x86)ASUSWireless Console 3wcourier.exeC:Program Files (x86)ASUSControlDeckControlDeckStartUp.exeC:Program FilesP4GBatteryLife.exeC:Program Files (x86)ASUSSmartLogonsensorsrv.exeC:Program Files (x86)ASUSSplendidACMON.exeC:Windowssystem32wbemwmiprvse.exeC:WindowsSysWOW64ACEngSvr.exeC:WindowsSystem32svchost.exe -k LocalServicePeerNetC:WindowsSysWOW64ctfmon.exeC:WindowsAsScrPro.exeC:Program FilesRealtekAudioHDARAVCpl64.exeC:Windowssyswow64dllhost.exeC:Windowsexplorer.exeC:WindowsSysWOW64notepad.exeC:Program FilesInternet Exploreriexplore.exeC:Program Files (x86)Internet ExplorerIEXPLORE.EXEC:WindowsSystem32MsSpellCheckingFacility.exeC:WindowsSystem32cscript.exe.============== Pseudo HJT Report ===============.uSearch Bar = PreserveBHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_printenhancer.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dllBHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_BHO.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_bho.dllmRun: [sDTray] "C:Program Files (x86)Spybot - Search & Destroy 2SDTray.exe"mRun: [avgnt] "C:Program Files (x86)AviraAntiVir Desktopavgnt.exe" /minuPolicies-Explorer: NoDriveAutoRun = dword:0mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:Program Files (x86)Microsoft OfficeOffice12ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_BHO.dllTCP: NameServer = 75.75.75.75 75.75.76.76TCP: Interfaces{42CFE61D-5418-4318-A93F-B000D9FEF8D0} : DHCPNameServer = 75.75.75.75 75.75.76.76TCP: Interfaces{533BB75E-6704-47D8-8A20-99F2C293DA07} : DHCPNameServer = 75.75.75.75 75.75.76.76TCP: Interfaces{533BB75E-6704-47D8-8A20-99F2C293DA07}14F6371696E64737869647 : DHCPNameServer = 192.168.2.1TCP: Interfaces{533BB75E-6704-47D8-8A20-99F2C293DA07}245502E4564777F627B6 : DHCPNameServer = 10.161.30.1TCP: Interfaces{533BB75E-6704-47D8-8A20-99F2C293DA07}34D434F57457563747F505F6274716C6 : DHCPNameServer = 208.67.222.222 208.67.220.220TCP: Interfaces{533BB75E-6704-47D8-8A20-99F2C293DA07}C496E6B637973754874756E64656273303533393 : DHCPNameServer = 192.168.1.1Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:Program Files (x86)Microsoft OfficeOffice12GrooveSystemServices.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dllNotify: SDWinLogon - SDWinLogon.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dllmASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:Program Files (x86)GoogleChromeApplication31.0.1650.63Installerchrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dllx64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R1 avkmgr;avkmgr;C:WindowsSystem32driversavkmgr.sys [2013-6-8 28600]R2 ac.sharedstore;ActivIdentity Shared Store Service;C:Program FilesCommon FilesActivIdentityac.sharedstore.exe [2009-6-3 277032]R2 AFBAgent;AFBAgent;C:WindowsSystem32FBAgent.exe [2010-5-6 359552]R2 AntiVirSchedulerService;Avira Scheduler;C:Program Files (x86)AviraAntiVir Desktopsched.exe [2013-6-8 440376]R2 AntiVirService;Avira Real-Time Protection;C:Program Files (x86)AviraAntiVir Desktopavguard.exe [2013-6-8 440376]R2 ASMMAP64;ASMMAP64;C:Program Files (x86)ASUSATK PackageATKGFNEXASMMAP64.sys [2009-7-2 15416]R2 avgntflt;avgntflt;C:WindowsSystem32driversavgntflt.sys [2013-6-8 107416]R2 MBAMScheduler;MBAMScheduler;C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [2013-7-7 418376]R2 MBAMService;MBAMService;C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2013-7-7 701512]R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:Program Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe [2013-12-8 3921880]R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:Program Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe [2013-12-8 1042272]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [2011-10-15 381248]R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:WindowsSystem32driversdtsoftbus01.sys [2011-6-25 272448]R3 ETD;ELAN PS/2 Port Input Device;C:WindowsSystem32driversETD.sys [2009-10-15 117760]R3 MBAMProtector;MBAMProtector;C:WindowsSystem32driversmbam.sys [2013-7-7 25928]R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2010-6-23 344680]R3 SPUVCbv;SPUVCb Driver Service;C:WindowsSystem32driversSPUVCBv_x64.sys [2010-1-31 2495944]R3 WSDScan;WSD Scan Support via UMB;C:WindowsSystem32driversWSDScan.sys [2009-7-13 25088]S1 MpKsle5a80500;MpKsle5a80500;C:WindowsSystem32MpEngineStoreMpKsle5a80500.sys [2013-2-13 35664]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2013-9-11 105144]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2013-9-11 124088]S2 SDWSCService;Spybot-S&D 2 Security Center Service;C:Program Files (x86)Spybot - Search & Destroy 2SDWSCSvc.exe [2013-12-8 171416]S3 AmUStor;AM USB Stroage Driver;C:WindowsSystem32driversAmUStor.sys [2009-8-21 44032]S3 fssfltr;fssfltr;C:WindowsSystem32driversfssfltr.sys [2010-10-24 48488]S3 fsssvc;Windows Live Family Safety Service;C:Program Files (x86)Windows LiveFamily Safetyfsssvc.exe [2010-9-22 1493352]S3 S3XXx64;SCR3xx USB SmartCardReader64;C:WindowsSystem32driversS3XXx64.sys [2013-4-3 74752]S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:WindowsSystem32driversSiSG664.sys [2009-6-10 56832]S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2011-6-28 59392]S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2010-6-4 1255736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:WindowsSystem32driverswdcsam64.sys [2008-5-6 14464].=============== Created Last 60 ================.2013-12-10 01:33:40 -------- d-----w- C:WindowsERUNT2013-12-10 01:16:23 -------- d-----w- C:AdwCleaner2013-12-09 00:00:01 21040 ----a-w- C:WindowsSystem32sdnclean64.exe2013-12-08 23:59:51 -------- d-----w- C:Program Files (x86)Spybot - Search & Destroy 22013-12-08 05:14:19 -------- d-----w- C:WindowsMigration2013-12-02 03:08:17 -------- d-----w- C:UsersMikeAppDataRoamingOspiqud2013-12-02 03:06:37 -------- d-----w- C:UsersMikeAppDataRoamingIvbiam2013-12-02 03:05:42 -------- d-----w- C:UsersMikeAppDataRoamingYqguir2013-12-02 03:05:02 -------- d-----w- C:UsersMikeAppDataRoamingAlfifeo2013-12-02 03:03:55 -------- d-----w- C:UsersMikeAppDataRoamingMoseupu2013-12-02 03:03:18 -------- d-----w- C:UsersMikeAppDataRoamingQaleuqc2013-12-02 03:02:12 -------- d-----w- C:UsersMikeAppDataRoamingHiorofeh2013-12-02 03:00:42 -------- d-----w- C:UsersMikeAppDataRoamingFaveoswi2013-12-02 02:59:46 -------- d-----w- C:UsersMikeAppDataRoamingFelooni2013-12-02 02:59:08 -------- d-----w- C:UsersMikeAppDataRoamingKaqeca2013-12-02 02:58:15 -------- d-----w- C:UsersMikeAppDataRoamingXemyihl2013-12-02 02:57:16 -------- d-----w- C:UsersMikeAppDataRoamingIkdiym2013-12-02 02:56:23 -------- d-----w- C:UsersMikeAppDataRoamingEpabazz2013-12-02 02:55:46 -------- d-----w- C:UsersMikeAppDataRoamingOmubkiy2013-12-02 02:54:54 -------- d-----w- C:UsersMikeAppDataRoamingHigucu2013-12-02 02:54:16 -------- d-----w- C:UsersMikeAppDataRoamingDeavgiq2013-12-02 02:53:23 -------- d-----w- C:UsersMikeAppDataRoamingZipaxi2013-12-02 02:51:47 -------- d-----w- C:UsersMikeAppDataRoamingReukyh2013-12-02 02:51:07 -------- d-----w- C:UsersMikeAppDataRoamingRisiowvy2013-12-02 02:50:08 -------- d-----w- C:UsersMikeAppDataRoamingNihepio2013-12-02 02:49:25 -------- d-----w- C:UsersMikeAppDataRoamingOnabwe2013-12-02 02:48:08 -------- d-----w- C:UsersMikeAppDataRoamingZyveixv2013-12-02 02:47:30 -------- d-----w- C:UsersMikeAppDataRoamingCavyakk2013-12-02 02:46:28 -------- d-----w- C:UsersMikeAppDataRoamingZeymozef2013-12-02 02:45:39 -------- d-----w- C:UsersMikeAppDataRoamingIhozibo2013-12-02 02:44:24 -------- d-----w- C:UsersMikeAppDataRoamingAgkyuv2013-12-02 02:43:34 -------- d-----w- C:UsersMikeAppDataRoamingKapiaff2013-12-02 02:42:33 -------- d-----w- C:UsersMikeAppDataRoamingGaihge2013-12-02 02:41:53 -------- d-----w- C:UsersMikeAppDataRoamingLucyoca2013-12-02 02:41:02 -------- d-----w- C:UsersMikeAppDataRoamingXeqeel2013-12-02 02:40:15 -------- d-----w- C:UsersMikeAppDataRoamingEgfezaca2013-12-02 02:39:22 -------- d-----w- C:UsersMikeAppDataRoamingOrowgys2013-12-02 02:38:44 -------- d-----w- C:UsersMikeAppDataRoamingEnhaug2013-12-02 02:37:41 -------- d-----w- C:UsersMikeAppDataRoamingYtyqylez2013-12-02 02:36:52 -------- d-----w- C:UsersMikeAppDataRoamingLoiropq2013-12-02 02:35:39 -------- d-----w- C:UsersMikeAppDataRoamingIlmyygqo2013-12-02 02:34:37 -------- d-----w- C:UsersMikeAppDataRoamingXozedaf2013-12-02 02:33:19 -------- d-----w- C:UsersMikeAppDataRoamingTegyel2013-12-02 02:32:41 -------- d-----w- C:UsersMikeAppDataRoamingOgxizy2013-12-02 02:31:47 -------- d-----w- C:UsersMikeAppDataRoamingOmkihet2013-12-02 02:31:07 -------- d-----w- C:UsersMikeAppDataRoamingAwehga2013-12-02 02:30:14 -------- d-----w- C:UsersMikeAppDataRoamingAsqaoheq2013-12-02 02:29:22 -------- d-----w- C:UsersMikeAppDataRoamingNenyupax2013-12-02 02:28:26 -------- d-----w- C:UsersMikeAppDataRoamingUgpyur2013-12-02 02:27:43 -------- d-----w- C:UsersMikeAppDataRoamingWeohmih2013-12-02 02:26:04 -------- d-----w- C:UsersMikeAppDataRoamingDanousis2013-12-02 02:25:24 -------- d-----w- C:UsersMikeAppDataRoamingYcosahy2013-12-02 02:24:17 -------- d-----w- C:UsersMikeAppDataRoamingUbfoifg2013-12-02 02:23:32 -------- d-----w- C:UsersMikeAppDataRoamingArkaysxy2013-12-02 02:22:38 -------- d-----w- C:UsersMikeAppDataRoamingEksucyto2013-12-02 02:21:59 -------- d-----w- C:UsersMikeAppDataRoamingRabuku2013-12-02 02:20:46 -------- d-----w- C:UsersMikeAppDataRoamingHoreyv2013-12-02 02:18:33 -------- d-----w- C:UsersMikeAppDataRoamingEdfouk2013-12-02 02:17:07 -------- d-----w- C:UsersMikeAppDataRoamingEdyblo2013-12-02 02:16:14 -------- d-----w- C:UsersMikeAppDataRoamingAwqatoly2013-12-02 02:14:51 -------- d-----w- C:UsersMikeAppDataRoamingEgvaby2013-12-02 02:13:05 -------- d-----w- C:UsersMikeAppDataRoamingVoykip2013-12-02 02:12:03 -------- d-----w- C:UsersMikeAppDataRoamingHokeyszi2013-12-02 02:11:21 -------- d-----w- C:UsersMikeAppDataRoamingCyxosyb2013-12-02 02:10:03 -------- d-----w- C:UsersMikeAppDataRoamingNaupuxn2013-12-02 02:09:23 -------- d-----w- C:UsersMikeAppDataRoamingYzwein2013-12-02 02:08:26 -------- d-----w- C:UsersMikeAppDataRoamingIzfukae2013-12-02 02:07:27 -------- d-----w- C:UsersMikeAppDataRoamingZulubu2013-12-02 02:06:23 -------- d-----w- C:UsersMikeAppDataRoamingNekoeqb2013-12-02 02:04:27 -------- d-----w- C:UsersMikeAppDataRoamingEtudqyo2013-12-02 02:02:38 -------- d-----w- C:UsersMikeAppDataRoamingUcohcyse2013-12-02 02:00:59 -------- d-----w- C:UsersMikeAppDataRoamingEczies2013-12-02 01:59:47 -------- d-----w- C:UsersMikeAppDataRoamingSuegordu2013-12-02 01:58:54 -------- d-----w- C:UsersMikeAppDataRoamingUcafarur2013-12-02 01:57:08 -------- d-----w- C:UsersMikeAppDataRoamingElufypu2013-12-02 01:56:12 -------- d-----w- C:UsersMikeAppDataRoamingHeukozn2013-12-02 01:55:25 -------- d-----w- C:UsersMikeAppDataRoamingZoigerob2013-12-02 01:54:08 -------- d-----w- C:UsersMikeAppDataRoamingAhbeix2013-12-02 01:53:31 -------- d-----w- C:UsersMikeAppDataRoamingCuywzai2013-12-02 01:52:28 -------- d-----w- C:UsersMikeAppDataRoamingHyleoc2013-12-02 01:51:43 -------- d-----w- C:UsersMikeAppDataRoamingBiqycugo2013-12-02 01:50:43 -------- d-----w- C:UsersMikeAppDataRoamingOhysdyax2013-12-02 01:50:04 -------- d-----w- C:UsersMikeAppDataRoamingWaqeevhy2013-11-13 03:47:40 1474048 ----a-w- C:WindowsSystem32crypt32.dll2013-10-16 09:10:40 99840 ----a-w- C:WindowsSystem32driversusbccgp.sys2013-10-16 09:10:40 7808 ----a-w- C:WindowsSystem32driversusbd.sys2013-10-16 09:10:40 52736 ----a-w- C:WindowsSystem32driversusbehci.sys2013-10-16 09:10:40 343040 ----a-w- C:WindowsSystem32driversusbhub.sys2013-10-16 09:10:40 325120 ----a-w- C:WindowsSystem32driversusbport.sys2013-10-16 09:10:40 30720 ----a-w- C:WindowsSystem32driversusbuhci.sys2013-10-16 09:10:40 25600 ----a-w- C:WindowsSystem32driversusbohci.sys.==================== Find6M ====================.2013-12-10 01:06:14 45056 ----a-w- C:WindowsSystem32acovcnt.exe2013-12-03 08:27:13 107416 ----a-w- C:WindowsSystem32driversavgntflt.sys2013-11-26 22:22:59 83160 ----a-w- C:WindowsSystem32driversavnetflt.sys2013-11-26 22:22:59 28600 ----a-w- C:WindowsSystem32driversavkmgr.sys2013-11-20 03:21:59 71048 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl2013-11-20 03:21:59 692616 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe2013-10-12 08:45:20 2241536 ----a-w- C:WindowsSystem32wininet.dll2013-10-12 08:43:37 3959808 ----a-w- C:WindowsSystem32jscript9.dll2013-10-12 08:43:32 67072 ----a-w- C:WindowsSystem32iesetup.dll2013-10-12 08:43:32 136704 ----a-w- C:WindowsSystem32iesysprep.dll2013-10-12 07:03:50 1767936 ----a-w- C:WindowsSysWow64wininet.dll2013-10-12 07:02:33 2877952 ----a-w- C:WindowsSysWow64jscript9.dll2013-10-12 07:02:29 61440 ----a-w- C:WindowsSysWow64iesetup.dll2013-10-12 07:02:29 109056 ----a-w- C:WindowsSysWow64iesysprep.dll2013-10-12 06:35:26 2706432 ----a-w- C:WindowsSystem32mshtml.tlb2013-10-12 06:08:58 2706432 ----a-w- C:WindowsSysWow64mshtml.tlb2013-10-12 05:44:38 89600 ----a-w- C:WindowsSystem32RegisterIEPKEYs.exe2013-10-12 05:15:39 71680 ----a-w- C:WindowsSysWow64RegisterIEPKEYs.exe2013-10-12 02:30:42 830464 ----a-w- C:WindowsSystem32nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:WindowsSystem32IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:WindowsSystem32FWPUCLNT.DLL2013-10-12 02:03:08 656896 ----a-w- C:WindowsSysWow64nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:WindowsSysWow64FWPUCLNT.DLL2013-10-05 19:57:25 1168384 ----a-w- C:WindowsSysWow64crypt32.dll2013-10-04 02:28:31 190464 ----a-w- C:WindowsSystem32SmartcardCredentialProvider.dll2013-10-04 02:25:17 197120 ----a-w- C:WindowsSystem32credui.dll2013-10-04 02:24:49 1930752 ----a-w- C:WindowsSystem32authui.dll2013-10-04 01:58:50 152576 ----a-w- C:WindowsSysWow64SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- C:WindowsSysWow64credui.dll2013-10-04 01:56:00 1796096 ----a-w- C:WindowsSysWow64authui.dll2013-10-03 02:23:48 404480 ----a-w- C:WindowsSystem32gdi32.dll2013-10-03 02:00:44 311808 ----a-w- C:WindowsSysWow64gdi32.dll2013-09-28 01:09:10 497152 ----a-w- C:WindowsSystem32driversafd.sys2013-09-25 02:26:40 95680 ----a-w- C:WindowsSystem32driversksecdd.sys2013-09-25 02:26:40 154560 ----a-w- C:WindowsSystem32driversksecpkg.sys2013-09-25 02:23:33 28672 ----a-w- C:WindowsSystem32sspisrv.dll2013-09-25 02:23:33 135680 ----a-w- C:WindowsSystem32sspicli.dll2013-09-25 02:23:01 28160 ----a-w- C:WindowsSystem32secur32.dll2013-09-25 02:22:59 340992 ----a-w- C:WindowsSystem32schannel.dll2013-09-25 02:21:50 307200 ----a-w- C:WindowsSystem32ncrypt.dll2013-09-25 02:21:07 1447936 ----a-w- C:WindowsSystem32lsasrv.dll2013-09-25 01:58:17 96768 ----a-w- C:WindowsSysWow64sspicli.dll2013-09-25 01:57:26 22016 ----a-w- C:WindowsSysWow64secur32.dll2013-09-25 01:57:24 247808 ----a-w- C:WindowsSysWow64schannel.dll2013-09-25 01:56:42 220160 ----a-w- C:WindowsSysWow64ncrypt.dll2013-09-25 01:03:24 30720 ----a-w- C:WindowsSystem32lsass.exe2013-09-12 05:21:54 863344 ----a-w- C:WindowsSysWow64msvcr110_clr0400.dll2013-09-12 05:21:54 501872 ----a-w- C:WindowsSysWow64msvcp110_clr0400.dll2013-09-12 05:21:54 28776 ----a-w- C:WindowsSysWow64aspnet_counters.dll2013-09-12 05:21:54 18000 ----a-w- C:WindowsSysWow64msvcr100_clr0400.dll2013-09-12 03:39:06 855664 ----a-w- C:WindowsSystem32msvcr110_clr0400.dll2013-09-12 03:39:06 614000 ----a-w- C:WindowsSystem32msvcp110_clr0400.dll2013-09-12 03:39:06 30312 ----a-w- C:WindowsSystem32aspnet_counters.dll2013-09-12 03:39:06 18000 ----a-w- C:WindowsSystem32msvcr100_clr0400.dll2013-09-08 02:30:37 1903552 ----a-w- C:WindowsSystem32driverstcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:WindowsSystem32mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:WindowsSysWow64mswsock.dll2013-08-29 02:17:48 5549504 ----a-w- C:WindowsSystem32ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:WindowsSystem32ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:WindowsSystem32wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:WindowsSystem32tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:WindowsSystem32advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:WindowsSysWow64ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:WindowsSysWow64ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:WindowsSysWow64wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:WindowsSysWow64ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:WindowsSysWow64tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:WindowsSysWow64advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:Windowsapppatchacwow64.dll2013-08-29 00:49:53 25600 ----a-w- C:WindowsSysWow64setup16.exe2013-08-29 00:49:52 7680 ----a-w- C:WindowsSysWow64instnm.exe2013-08-29 00:49:52 14336 ----a-w- C:WindowsSysWow64ntvdm64.dll2013-08-29 00:49:49 2048 ----a-w- C:WindowsSysWow64user.exe2013-08-28 01:21:06 3155968 ----a-w- C:WindowsSystem32win32k.sys2013-08-28 01:12:33 461312 ----a-w- C:WindowsSystem32scavengeui.dll2013-08-05 02:25:45 155584 ----a-w- C:WindowsSystem32driversataport.sys2013-08-02 02:14:57 215040 ----a-w- C:WindowsSystem32winsrv.dll2013-08-02 02:13:34 424448 ----a-w- C:WindowsSystem32KernelBase.dll2013-08-02 01:50:42 274944 ----a-w- C:WindowsSysWow64KernelBase.dll2013-08-02 01:09:17 338432 ----a-w- C:WindowsSystem32conhost.exe2013-08-02 00:59:09 112640 ----a-w- C:WindowsSystem32smss.exe2013-08-02 00:43:05 6144 ---ha-w- C:WindowsSysWow64api-ms-win-security-base-l1-1-0.dll2013-08-02 00:43:05 4608 ---ha-w- C:WindowsSysWow64api-ms-win-core-threadpool-l1-1-0.dll2013-08-02 00:43:05 3584 ---ha-w- C:WindowsSysWow64api-ms-win-core-xstate-l1-1-0.dll2013-08-02 00:43:05 3072 ---ha-w- C:WindowsSysWow64api-ms-win-core-util-l1-1-0.dll2013-08-01 12:09:36 983488 ----a-w- C:WindowsSystem32driversdxgkrnl.sys2013-07-25 09:25:54 1888768 ----a-w- C:WindowsSystem32WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:WindowsSysWow64WMVDECOD.DLL2013-07-20 10:33:12 102608 ----a-w- C:WindowsSysWow64PresentationCFFRasterizerNative_v0300.dll2013-07-20 10:33:08 124112 ----a-w- C:WindowsSystem32PresentationCFFRasterizerNative_v0300.dll2013-07-19 01:58:42 2048 ----a-w- C:WindowsSystem32tzres.dll2013-07-19 01:41:01 2048 ----a-w- C:WindowsSysWow64tzres.dll2013-07-12 10:41:35 185344 ----a-w- C:WindowsSystem32driversusbvideo.sys2013-07-12 10:41:12 100864 ----a-w- C:WindowsSystem32driversusbcir.sys2013-07-09 05:52:52 224256 ----a-w- C:WindowsSystem32wintrust.dll2013-07-09 05:51:16 1217024 ----a-w- C:WindowsSystem32rpcrt4.dll2013-07-09 05:46:20 184320 ----a-w- C:WindowsSystem32cryptsvc.dll2013-07-09 05:46:20 139776 ----a-w- C:WindowsSystem32cryptnet.dll2013-07-09 04:52:33 663552 ----a-w- C:WindowsSysWow64rpcrt4.dll2013-07-09 04:52:10 175104 ----a-w- C:WindowsSysWow64wintrust.dll.============= FINISH: 18:15:40.15 ===============
  6. Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.8 (11.05.2013:1)OS: Windows 7 Home Premium x64Ran by Mike on Mon 12/09/2013 at 17:50:54.55~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Mon 12/09/2013 at 18:02:08.39End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This was the 2nd run of JRT with "run as administrator" selected. I ran it right from the d/l screen before. I removed a bunch of empty folders and some kind of searchbar for utorrent that I never installed. As to the improvement: dllhost.exe*32 is using 1.1 million K. The CPU percentage is down it looks like but the memory usage is worse.
  7. # AdwCleaner v3.014 - Report created 09/12/2013 at 17:19:54 # Updated 01/12/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Mike - MYLAPTOP # Running from : C:UsersMikeAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5V9WJNCM8AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:ProgramDataPartner Folder Deleted : C:UsersMikeAppDataLocalLowConduit Folder Deleted : C:UsersMikeAppDataLocalLowPriceGong Folder Deleted : C:UsersMikeAppDataLocalLowToolbar4 Folder Deleted : C:UsersMikeAppDataRoamingiWin ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLMSOFTWAREGoogleChromeExtensionspmlghpafmmnmmkjdhacccolfgnkiboco Key Deleted : HKLMSOFTWAREClassesAppIDTbCommonUtils.DLL Key Deleted : HKLMSOFTWAREClassesAppIDTbHelper.EXE Key Deleted : HKLMSOFTWAREMicrosoftTracingapnstub_RASAPI32 Key Deleted : HKLMSOFTWAREMicrosoftTracingapnstub_RASMANCS Key Deleted : HKLMSOFTWAREMicrosoftTracingAskInstallChecker_RASAPI32 Key Deleted : HKLMSOFTWAREMicrosoftTracingAskInstallChecker_RASMANCS Key Deleted : HKLMSOFTWAREMicrosoftTracingau__rasapi32 Key Deleted : HKLMSOFTWAREMicrosoftTracingau__rasmancs Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallASUS_Screensaver Key Deleted : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_for_daemon-tools_RASAPI32 Key Deleted : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_for_daemon-tools_RASMANCS Key Deleted : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_for_gom-player[1]_RASAPI32 Key Deleted : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_for_gom-player[1]_RASMANCS Key Deleted : HKLMSOFTWAREClassesAppID{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLMSOFTWAREClassesAppID{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Deleted : HKLMSOFTWAREClassesAppID{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Deleted : HKLMSOFTWAREClassesAppID{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLMSOFTWAREClassesAppID{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLMSOFTWAREClassesCLSID{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted : HKLMSOFTWAREClassesInterface{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted : HKLMSOFTWAREClassesInterface{0FA32667-9A8A-4E9C-902F-CA3323180003} Key Deleted : HKLMSOFTWAREClassesInterface{2A42D13C-D427-4787-821B-CF6973855778} Key Deleted : HKLMSOFTWAREClassesInterface{3D8478AA-7B88-48A9-8BCB-B85D594411EC} Key Deleted : HKLMSOFTWAREClassesInterface{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted : HKLMSOFTWAREClassesInterface{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted : HKLMSOFTWAREClassesInterface{4897BBA6-48D9-468C-8EFA-846275D7701B} Key Deleted : HKLMSOFTWAREClassesInterface{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Deleted : HKLMSOFTWAREClassesInterface{6B458F62-592F-4B25-8967-E6A350A59328} Key Deleted : HKLMSOFTWAREClassesInterface{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted : HKLMSOFTWAREClassesInterface{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Deleted : HKLMSOFTWAREClassesInterface{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted : HKLMSOFTWAREClassesInterface{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted : HKLMSOFTWAREClassesInterface{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted : HKLMSOFTWAREClassesInterface{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted : HKLMSOFTWAREClassesInterface{E67D5BC7-7129-493E-9281-F47BDAFACE4F} Key Deleted : HKLMSOFTWAREClassesInterface{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403} Key Deleted : HKLMSOFTWAREClassesTypeLib{4509D3CC-B642-4745-B030-645B79522C6D} Key Deleted : HKLMSOFTWAREClassesTypeLib{B87F8B63-7274-43FD-87FA-09D3B7496148} Key Deleted : HKLMSOFTWAREClassesTypeLib{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Key Deleted : HKLMSOFTWAREClassesTypeLib{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{0FA32667-9A8A-4E9C-902F-CA3323180003} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{2A42D13C-D427-4787-821B-CF6973855778} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{3D8478AA-7B88-48A9-8BCB-B85D594411EC} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{4897BBA6-48D9-468C-8EFA-846275D7701B} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{6B458F62-592F-4B25-8967-E6A350A59328} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{E67D5BC7-7129-493E-9281-F47BDAFACE4F} Key Deleted : [x64] HKLMSOFTWAREClassesInterface{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403} Key Deleted : HKCUSoftwareIM Key Deleted : HKCUSoftwareSoftonic Key Deleted : HKCUSoftwareYahooPartnerToolbar Key Deleted : HKCUSoftwareAppDataLowSoftwareConduit Key Deleted : HKCUSoftwareAppDataLowSoftwarePriceGong Key Deleted : HKLMSoftwareConduit Key Deleted : HKLMSoftwaredlQUE Key Deleted : HKLMSoftwareIminent ***** [ Browsers ] ***** - Internet Explorer v10.0.9200.16736 - Mozilla Firefox v - Google Chrome v31.0.1650.63 [ File : C:UsersMikeAppDataLocalGoogleChromeUser DataDefaultpreferences ] ************************* AdwCleaner[R0].txt - [6947 octets] - [09/12/2013 17:17:55] AdwCleaner[s0].txt - [6831 octets] - [09/12/2013 17:19:54] ########## EOF - C:AdwCleanerAdwCleaner[s0].txt - [6891 octets] ##########
  8. I had a problem a few days ago and ran Avira. It came back with 91 viruses, cleared those out. Ran Malwarebytes Anti-Malware - It had hits, cleaned those out. Now my computer does not appear to like certain security settings but I might have just fixed that. The main issue that I am noticing now is that the process "dllhost.exe" is using a HUGE amount of system resources. As of right now between 11 and 46 on the task manager under CPU and the mem usage at 760,000 to 770,000 k. I tried to terminate the process and copy a new version of the file over to "reset" the program but since it is a system file it is protected and the computer said No. Now Avira and Anti-malware are both running clean. I installed Spybot search and destroy and it found some minor things like tracking cookies etc but my laptop is still misbehaving. What else can I try?
×
×
  • Create New...