Joe Gregory III

Laptop Running Slowly


I've tried everything suggested on these forums. Computer suddenly started running slowly, no obvious causes. Virus scans are clean, hardware checks are clean (although I'm not convinced it isn't a possible hardware issue). No abnormal activity really, CPU usage seems normal, but Windows runs sluggishly, games are unplayable (horrid FPS). System temps seem fine and gave it a thorough cleaning. Everything was normal, went afk for a few hours to watch UFC, came back and PC was running slow. I run multiple user accounts (for different purposes) and they all have the issue.

Log files as requested:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 6:09:59 PM, on 11/13/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files\Alienware\Command Center\AlienFusionController.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe

C:\Program Files (x86)\POWERISO\PWRISOVM.EXE

C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe

C:\Users\Gaming\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gaming\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Gaming\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gaming\Desktop\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

O2 - BHO: SSOIEAddonBHO - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

O4 - HKLM\..\Run: [OSD_LAUNCH] c:\Program Files (x86)\OSD\Launch.exe

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [PC Pitstop Optimize Reminder] C:\Program Files (x86)\PCPitstop\Optimize3\Reminder-Optimize3.exe

O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe

O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.co...sreqlab_nvd.cab

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcp.../pcpitstop2.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: FastAccess - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: FAService - Sensible Vision - C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: HappyOSD - Unknown owner - C:\Program Files (x86)\OSD\OSD_Service.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: PCPitstop Scheduling - PC Pitstop LLC - C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\AlienRespawn\sftservice.EXE

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\STacSV64.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 10754 bytes

.

DDS (Ver_2011-06-23.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Gaming at 18:11:28 on 2011-11-13

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6132.4292 [GMT -6:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\svchost.exe -k NetworkService

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\AESTSr64.exe

C:\Program Files\Alienware\Command Center\AlienFusionService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files (x86)\OSD\OSD_Service.exe

C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\AlienRespawn\sftservice.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\UI0Detect.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe

C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\AlienRespawn\Toaster.exe

C:\Windows\System32\vds.exe

C:\Program Files\Windows Media Player\WMPSideShowGadget.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Alienware\Command Center\AlienFusionController.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe

C:\Program Files (x86)\POWERISO\PWRISOVM.EXE

C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe

C:\Program Files (x86)\OSD\OSD_Main.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Users\Gaming\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gaming\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Gaming\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gaming\Desktop\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

C:\Windows\system32\taskeng.exe

c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.alienware.com/

uDefault_Page_URL = hxxp://www.alienware.com/

mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

mWinlogon: Userinit=userinit.exe

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

BHO: SSOIEAddonBHO Class: {da5bce70-d057-4d63-943d-5f3927ec59f1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

{555d4d79-4bd2-4094-a395-cfc534424a05}

mRun: [OSD_LAUNCH] c:\Program Files (x86)\OSD\Launch.exe

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe

mRun: [FAStartup]

mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

mRun: [PC Pitstop Optimize Reminder] C:\Program Files (x86)\PCPitstop\Optimize3\Reminder-Optimize3.exe

mRunOnce: [Launcher] C:\Program Files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll

TCP: DhcpNameServer = 12.127.16.67 69.60.160.196

TCP: Interfaces\{13FE863B-B116-42FB-A2B1-748C35E9E8B2} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{13FE863B-B116-42FB-A2B1-748C35E9E8B2}\35963535976596C6C61676560214C6C60235579647560284F64756C6 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{13FE863B-B116-42FB-A2B1-748C35E9E8B2}\35963737976596C6C61676560214C6C60235579647560284F64756C602 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{2CC954AF-5EC3-4C88-9C11-CA990A296B21} : DhcpNameServer = 12.127.16.67 69.60.160.196

TCP: Interfaces\{F3F200F6-E432-4BDC-94CC-47AEDE094030}\2456C6B696E6F5E4F575962756C6563737 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{F3F200F6-E432-4BDC-94CC-47AEDE094030}\375707562783 : DhcpNameServer = 10.6.18.1

TCP: Interfaces\{F3F200F6-E432-4BDC-94CC-47AEDE094030}\4616973796E6E6D223 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{F3F200F6-E432-4BDC-94CC-47AEDE094030}\5436F6E6F6D69794E6E6 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{F3F200F6-E432-4BDC-94CC-47AEDE094030}\74275656E66796C6C6560284948502243323 : DhcpNameServer = 12.127.16.67 69.60.160.196

TCP: Interfaces\{F3F200F6-E432-4BDC-94CC-47AEDE094030}\74275656E66796C6C65602849485023413 : DhcpNameServer = 12.127.16.67 69.60.160.196

TCP: Interfaces\{F3F200F6-E432-4BDC-94CC-47AEDE094030}\75169707F62747F5143636563737 : DhcpNameServer = 192.168.5.1 64.134.255.2 64.134.255.10

TCP: Interfaces\{F3F200F6-E432-4BDC-94CC-47AEDE094030}\84F6C6964616970294E6E602548707275637370274275656E66796C6C6560223 : DhcpNameServer = 12.127.16.67 69.60.160.196

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: FastAccess - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll

LSA: Notification Packages = scecli FAPassSync

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

BHO-X64: Conduit Engine - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

BHO-X64: Vuze Remote - No File

BHO-X64: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll

BHO-X64: SSOIEAddonBHO - No File

BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [OSD_LAUNCH] c:\Program Files (x86)\OSD\Launch.exe

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe

mRun-x64: [FAStartup]

mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

mRun-x64: [PC Pitstop Optimize Reminder] C:\Program Files (x86)\PCPitstop\Optimize3\Reminder-Optimize3.exe

mRunOnce-x64: [Launcher] C:\Program Files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

.

============= SERVICES / DRIVERS ===============

.

R0 ioatdma;Intel® QuickData Technology device;C:\Windows\system32\Drivers\ioatdma.sys --> C:\Windows\system32\Drivers\ioatdma.sys [?]

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_056607ee0106e5e8\AESTSr64.exe [2010-10-27 89600]

R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2010-5-21 14648]

R2 FAService;FAService;C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2010-4-4 2409800]

R2 HappyOSD;HappyOSD;C:\Program Files (x86)\OSD\OSD_Service.exe [2010-1-4 16384]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-29 13336]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-30 2253120]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\AlienRespawn\SftService.exe [2010-11-29 705856]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-9-22 381248]

R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Acceler.sys --> C:\Windows\system32\DRIVERS\Acceler.sys [?]

R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?]

R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]

R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]

R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]

R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\system32\DRIVERS\nvoclk64.sys --> C:\Windows\system32\DRIVERS\nvoclk64.sys [?]

R3 RzSynapse;Razer Driver;C:\Windows\system32\DRIVERS\RzSynapse.sys --> C:\Windows\system32\DRIVERS\RzSynapse.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\OSD\WinRing0x64.sys [2008-7-26 14544]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]

S3 IAMTVE;Driver for Intel® Active Management Technology - KCS;C:\Windows\system32\DRIVERS\IAMTVE.sys --> C:\Windows\system32\DRIVERS\IAMTVE.sys [?]

S3 IAMTXPE;Driver for Intel® Active Management Technology - KCS;C:\Windows\system32\DRIVERS\IAMTXPE.sys --> C:\Windows\system32\DRIVERS\IAMTXPE.sys [?]

S3 ioatdma1;ioatdma1;C:\Windows\system32\Drivers\qd162x64.sys --> C:\Windows\system32\Drivers\qd162x64.sys [?]

S3 ioatdma2;Intel® QuickData Technology device ver.2;C:\Windows\system32\Drivers\qd262x64.sys --> C:\Windows\system32\Drivers\qd262x64.sys [?]

S3 iSSetup;iSSetup;C:\Windows\system32\DRIVERS\iSSetup.sys --> C:\Windows\system32\DRIVERS\iSSetup.sys [?]

S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]

S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]

S3 PCPitstop Scheduling;PCPitstop Scheduling;C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [2011-11-13 86016]

S3 RemoteControl-USBLAN;RemoteControl-USBLAN;C:\Windows\system32\DRIVERS\rcblan.sys --> C:\Windows\system32\DRIVERS\rcblan.sys [?]

S3 S3XXx64;SCR3xx USB SmartCardReader64;C:\Windows\system32\DRIVERS\S3XXx64.sys --> C:\Windows\system32\DRIVERS\S3XXx64.sys [?]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-11-13 23:59:47 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89147E52-4BC4-4F93-B101-D71E533305E1}\offreg.dll

2011-11-13 23:44:04 388096 ----a-r- C:\Users\Gaming\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-11-13 23:26:35 917840 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0DC5CDD5-D6B7-44A8-8969-9D6F8EF67811}\gapaengine.dll

2011-11-13 23:25:44 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89147E52-4BC4-4F93-B101-D71E533305E1}\mpengine.dll

2011-11-13 23:13:23 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2011-11-13 23:13:13 -------- d-----w- C:\Program Files\Microsoft Security Client

2011-11-13 23:08:41 -------- d-----w- C:\ProgramData\PCPitstop

2011-11-13 23:08:40 -------- d-----w- C:\Program Files (x86)\PCPitstop

2011-11-13 22:57:47 -------- d-----w- C:\Windows\pss

2011-11-13 22:48:13 -------- d-----w- C:\Program Files (x86)\CPU Speed Pro

2011-11-13 19:42:53 -------- d-----w- C:\Program Files (x86)\Seagate

2011-11-13 18:31:44 -------- d-----w- C:\Program Files (x86)\WinTools Software

2011-11-13 17:33:26 -------- d-----w- C:\Users\Gaming\AppData\Local\NVIDIA Corporation

2011-11-13 16:56:39 -------- d-----w- C:\Program Files\CPUID

2011-11-13 16:52:52 -------- d-----w- C:\Users\Gaming\My Backup Files

2011-11-13 15:58:01 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2011-11-13 14:47:25 -------- d-----w- C:\ProgramData\Malwarebytes

2011-11-13 14:47:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-11-13 06:54:55 -------- d-----w- C:\Users\Gaming\AppData\Local\ElevatedDiagnostics

2011-11-13 06:31:48 -------- d-----w- C:\Users\Gaming\AppData\Roaming\CleanMyPC Software

2011-11-13 06:31:21 -------- d-----w- C:\Program Files (x86)\CleanMyPC

2011-11-13 06:19:21 -------- d-----w- C:\Users\Gaming\AppData\Roaming\Azureus

2011-11-11 23:22:51 -------- d-----w- C:\Users\Gaming\AppData\Roaming\Origin

2011-11-11 23:22:05 -------- d-----w- C:\Users\Gaming\AppData\Local\Origin

2011-11-11 18:28:23 -------- d-----w- C:\Users\Gaming\AppData\Local\Skyrim

2011-11-09 22:18:24 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll

2011-11-09 22:18:24 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll

2011-11-09 22:18:23 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-11-09 22:18:20 3144704 ----a-w- C:\Windows\System32\win32k.sys

2011-11-09 03:42:13 -------- d-----w- C:\Users\Gaming\AppData\Local\WB Games

2011-11-03 03:19:19 -------- d-----w- C:\Users\Gaming\AppData\Local\Microsoft Games

2011-11-01 12:50:00 -------- d-----w- C:\Users\Gaming\AppData\Local\Apple

2011-10-31 18:06:26 -------- d-----w- C:\Users\Gaming\AppData\Roaming\Rokario

2011-10-31 18:04:44 -------- d-----w- C:\Users\Gaming\AppData\Roaming\Rift

2011-10-31 18:03:57 -------- d-----w- C:\Users\Gaming\AppData\Local\Google

2011-10-31 18:01:25 -------- d-----w- C:\Users\Gaming\AppData\Roaming\Mumble

2011-10-31 18:01:02 -------- d-----w- C:\Users\Gaming\AppData\Local\Logitech

2011-10-31 18:01:01 -------- d-----w- C:\Users\Gaming\AppData\Roaming\NVIDIA

2011-10-29 22:43:36 -------- d-----w- C:\Program Files (x86)\PKR

2011-10-29 16:59:39 -------- d-----w- C:\NVIDIA

2011-10-28 17:54:59 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2011-10-28 17:54:00 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins

2011-10-28 17:52:02 -------- d-----w- C:\ProgramData\EA Core

2011-10-28 17:50:13 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller

2011-10-28 17:49:39 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2011-10-28 17:49:39 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2011-10-28 17:49:38 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2011-10-26 23:56:59 4910088 ----a-w- C:\Windows\System32\D3DX9_37.dll

2011-10-26 22:23:05 -------- d-----w- C:\ProgramData\Origin

2011-10-26 22:23:05 -------- d-----w- C:\ProgramData\Electronic Arts

2011-10-26 22:23:05 -------- d-----w- C:\Program Files (x86)\Origin Games

2011-10-26 22:22:47 -------- d-----w- C:\Program Files (x86)\Origin

2011-10-25 13:45:57 -------- d-----w- C:\Program Files\iTunes

2011-10-25 13:45:57 -------- d-----w- C:\Program Files\iPod

2011-10-25 13:45:57 -------- d-----w- C:\Program Files (x86)\iTunes

2011-10-25 13:44:02 -------- d-----w- C:\Program Files\Bonjour

2011-10-25 13:44:02 -------- d-----w- C:\Program Files (x86)\Bonjour

.

==================== Find3M ====================

.

2011-10-03 11:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-09-22 18:29:58 321856 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll

2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll

2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-08-31 05:05:32 96104 ----a-w- C:\Windows\System32\dns-sd.exe

2011-08-31 05:05:32 85864 ----a-w- C:\Windows\System32\dnssd.dll

2011-08-31 05:05:32 61288 ----a-w- C:\Windows\System32\jdns_sd.dll

2011-08-31 05:05:32 212840 ----a-w- C:\Windows\System32\dnssdX.dll

2011-08-31 05:05:04 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe

2011-08-31 05:05:04 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll

2011-08-31 05:05:04 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll

2011-08-31 05:05:04 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll

2011-08-27 05:37:49 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2011-08-27 05:37:48 331776 ----a-w- C:\Windows\System32\oleacc.dll

2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-08-27 04:26:27 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

2011-08-26 22:21:30 28056 ----a-w- C:\Windows\System32\xfcodec64.dll

2011-08-17 05:26:46 613888 ----a-w- C:\Windows\System32\psisdecd.dll

2011-08-17 05:25:08 108032 ----a-w- C:\Windows\System32\psisrndr.ax

2011-08-17 04:24:12 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll

2011-08-17 04:19:27 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax

.

============= FINISH: 18:13:36.28 ===============


Hi and Welcome!! :) My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • The fixes are specific to your problem and should only be used for the issues on this machine.

  • It's often worth reading through these instructions and printing them for ease of reference.

  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.

  • Please reply to this thread. Do not start a new topic.
IMPORTANT NOTE: Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

 

Having said that....Let's get going!! :thumbup:

----------

 

Let me look over these logs and I will get right with you. :)

---------

 

In the meantime please do the following...

 

Please download aswMBR to your desktop.

 

  • Right click and Run as Administrator the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.

----------


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software

Run date: 2011-11-14 14:50:20

-----------------------------

14:50:20.958 OS Version: Windows x64 6.1.7601 Service Pack 1

14:50:20.958 Number of processors: 8 586 0x1E05

14:50:20.961 ComputerName: JOE-ALIENWARE UserName: Joe Gregory

14:50:22.411 Initialize success

14:50:29.587 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

14:50:29.591 Disk 0 Vendor: ST950042 D005 Size: 476940MB BusType: 3

14:50:29.623 Disk 0 MBR read successfully

14:50:29.628 Disk 0 MBR scan

14:50:29.634 Disk 0 Windows VISTA default MBR code

14:50:29.641 Service scanning

14:50:30.371 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32

14:50:31.199 Modules scanning

14:50:31.207 Disk 0 trace - called modules:

14:50:31.217 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll

14:50:31.226 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006420790]

14:50:31.235 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006207050]

14:50:31.246 Scan finished successfully

14:50:45.161 Disk 0 MBR has been saved successfully to "C:\Users\Joe Gregory\Desktop\MBR.dat"

14:50:45.179 The log file has been saved successfully to "C:\Users\Joe Gregory\Desktop\aswMBR.txt"


Hi Joe,

 

 

Download Combofix from either of the links below, and save it to your desktop.

Link 1

Link 2

 

**Note: It is important that it is saved directly to your desktop**

 

--------------------------------------------------------------------

 

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

 

--------------------------------------------------------------------

 

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.


ComboFix 11-11-15.01 - Gaming 11/15/2011 11:39:54.2.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6133.4229 [GMT -6:00]

Running from: c:\users\Gaming\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2011-10-15 to 2011-11-15 )))))))))))))))))))))))))))))))

.

.

2011-11-15 17:49 . 2011-11-15 17:49 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp

2011-11-15 17:49 . 2011-11-15 17:49 -------- d-----w- c:usersJoe GregoryAppDataLocaltemp

2011-11-15 17:49 . 2011-11-15 17:49 -------- d-----w- c:usersDefaultAppDataLocaltemp

2011-11-15 16:32 . 2011-10-18 07:27 8570192 ----a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition UpdatesBackupmpengine.dll

2011-11-15 16:32 . 2011-11-15 16:32 69000 ----a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition Updates{52799481-A6C4-4EB4-8C2C-2EEDD09CB890}offreg.dll

2011-11-15 16:32 . 2011-10-18 07:27 8570192 ----a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition Updates{52799481-A6C4-4EB4-8C2C-2EEDD09CB890}mpengine.dll

2011-11-14 18:50 . 2011-11-14 18:50 -------- d-----w- c:usersJoe GregoryAppDataLocalNVIDIA Corporation

2011-11-14 04:29 . 2011-11-14 04:29 -------- d-----w- c:windowssystem32temp

2011-11-14 04:29 . 2011-11-14 04:29 -------- d-----w- c:programdataPassMark

2011-11-14 04:29 . 2011-11-14 04:29 -------- d-----w- c:program filesBurnInTest

2011-11-13 23:26 . 2011-10-04 23:22 917840 ------w- c:programdataMicrosoftMicrosoft AntimalwareDefinition Updates{0DC5CDD5-D6B7-44A8-8969-9D6F8EF67811}gapaengine.dll

2011-11-13 23:13 . 2011-11-13 23:13 -------- d-----w- c:program files (x86)Microsoft Security Client

2011-11-13 23:13 . 2011-11-13 23:13 -------- d-----w- c:program filesMicrosoft Security Client

2011-11-13 23:08 . 2011-11-15 17:08 -------- d-----w- c:programdataPCPitstop

2011-11-13 22:48 . 2011-11-13 22:48 -------- d-----w- c:program files (x86)CPU Speed Pro

2011-11-13 22:00 . 2011-11-13 22:00 -------- d-----w- c:usersUpdatusUserAppDataLocalMicrosoft

2011-11-13 19:42 . 2011-11-13 19:42 -------- d-----w- c:program files (x86)Seagate

2011-11-13 18:31 . 2011-11-13 19:05 -------- d-----w- c:program files (x86)WinTools Software

2011-11-13 17:56 . 2011-11-13 21:56 -------- d-----w- c:usersTest

2011-11-13 16:56 . 2011-11-13 16:56 -------- d-----w- c:program filesCPUID

2011-11-13 15:58 . 2011-11-13 15:58 -------- d-----w- c:programdataNVIDIA Corporation

2011-11-13 14:47 . 2011-11-13 14:47 -------- d-----w- c:usersJoe GregoryAppDataRoamingMalwarebytes

2011-11-13 14:47 . 2011-11-13 14:47 -------- d-----w- c:programdataMalwarebytes

2011-11-13 14:47 . 2011-11-13 21:56 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware

2011-11-13 14:40 . 2011-11-13 14:40 -------- d-----w- c:usersJoe GregoryAppDataLocalSkyrim

2011-11-13 06:31 . 2011-11-13 06:31 -------- d-----w- c:program files (x86)CleanMyPC

2011-11-09 22:18 . 2011-10-01 05:45 886784 ----a-w- c:program filesCommon FilesSystemwab32.dll

2011-11-09 22:18 . 2011-10-01 04:37 708608 ----a-w- c:program files (x86)Common FilesSystemwab32.dll

2011-11-09 22:18 . 2011-09-29 16:29 1923952 ----a-w- c:windowssystem32driverstcpip.sys

2011-11-09 22:18 . 2011-09-29 04:03 3144704 ----a-w- c:windowssystem32win32k.sys

2011-11-09 05:20 . 2011-11-09 05:20 -------- d-----w- c:usersJoe GregoryAppDataLocalwb games

2011-10-31 18:00 . 2011-11-13 22:07 -------- d-----w- c:usersGaming

2011-10-30 14:00 . 2011-10-30 14:00 -------- d-----w- c:usersJoe GregoryAppDataLocalChromium

2011-10-29 22:43 . 2011-10-29 22:43 -------- d-----w- c:program files (x86)PKR

2011-10-29 17:02 . 2011-07-07 23:21 29288 ----a-w- c:windowssystem32nvhdap64.dll

2011-10-29 17:02 . 2011-07-07 23:21 174184 ----a-w- c:windowssystem32driversnvhda64v.sys

2011-10-29 17:02 . 2011-07-07 23:21 1452648 ----a-w- c:windowssystem32nvhdagenco6420102.dll

2011-10-29 17:02 . 2011-09-22 22:41 1533248 ----a-w- c:windowssystem32nvdispco64.dll

2011-10-29 17:02 . 2011-09-22 22:41 1454400 ----a-w- c:windowssystem32nvgenco64.dll

2011-10-29 16:59 . 2011-11-13 21:50 -------- d-----w- C:NVIDIA

2011-10-29 16:11 . 2011-10-29 16:11 -------- d-----w- c:program files (x86)Common FilesJava

2011-10-28 19:56 . 2011-10-30 03:33 -------- d-----w- c:usersJoe GregoryAppDataLocalESN Sonar

2011-10-28 17:54 . 2011-10-31 05:02 280904 ----a-w- c:windowsSysWow64PnkBstrB.xtr

2011-10-28 17:54 . 2011-10-28 17:54 -------- d-----w- c:usersJoe GregoryAppDataLocalPunkBuster

2011-10-28 17:54 . 2011-10-28 17:54 -------- d-----w- c:program files (x86)Battlelog Web Plugins

2011-10-28 17:52 . 2011-10-28 17:52 -------- d-----w- c:programdataEA Core

2011-10-28 17:50 . 2011-10-28 17:50 -------- d--h--w- c:program files (x86)Common FilesEAInstaller

2011-10-28 17:49 . 2011-10-31 05:02 280904 ----a-w- c:windowsSysWow64PnkBstrB.exe

2011-10-28 17:49 . 2011-10-31 04:38 280904 ----a-w- c:windowsSysWow64PnkBstrB.ex0

2011-10-28 17:49 . 2011-10-28 17:49 75136 ----a-w- c:windowsSysWow64PnkBstrA.exe

2011-10-26 23:56 . 2008-03-05 21:56 4910088 ----a-w- c:windowssystem32D3DX9_37.dll

2011-10-26 22:23 . 2011-10-26 22:41 -------- d-----w- c:usersJoe GregoryAppDataRoamingOrigin

2011-10-26 22:23 . 2011-10-28 17:53 -------- d-----w- c:usersJoe GregoryAppDataLocalOrigin

2011-10-26 22:23 . 2011-11-13 21:54 -------- d-----w- c:programdataOrigin

2011-10-26 22:23 . 2011-11-13 21:52 -------- d-----w- c:programdataElectronic Arts

2011-10-26 22:23 . 2011-11-13 21:50 -------- d-----w- c:program files (x86)Origin Games

2011-10-26 22:22 . 2011-11-13 21:54 -------- d-----w- c:program files (x86)Origin

2011-10-26 21:41 . 2011-10-26 21:41 -------- d-----w- c:usersJoe Gregory.swt

2011-10-25 13:45 . 2011-10-25 13:46 -------- d-----w- c:program filesiTunes

2011-10-25 13:45 . 2011-10-25 13:46 -------- d-----w- c:program files (x86)iTunes

2011-10-25 13:45 . 2011-10-25 13:45 -------- d-----w- c:program filesiPod

2011-10-25 13:44 . 2011-10-25 13:44 -------- d-----w- c:program filesBonjour

2011-10-25 13:44 . 2011-10-25 13:44 -------- d-----w- c:program files (x86)Bonjour

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-03 11:06 . 2010-11-30 05:04 472808 ----a-w- c:windowsSysWow64deployJava1.dll

2011-09-01 05:24 . 2011-10-14 08:05 2309120 ----a-w- c:windowssystem32jscript9.dll

2011-09-01 05:17 . 2011-10-14 08:05 1389056 ----a-w- c:windowssystem32wininet.dll

2011-09-01 05:12 . 2011-10-14 08:05 2382848 ----a-w- c:windowssystem32mshtml.tlb

2011-09-01 02:35 . 2011-10-14 08:05 1798144 ----a-w- c:windowsSysWow64jscript9.dll

2011-09-01 02:28 . 2011-10-14 08:05 1126912 ----a-w- c:windowsSysWow64wininet.dll

2011-09-01 02:22 . 2011-10-14 08:05 2382848 ----a-w- c:windowsSysWow64mshtml.tlb

2011-08-31 05:05 . 2011-08-31 05:05 96104 ----a-w- c:windowssystem32dns-sd.exe

2011-08-31 05:05 . 2011-08-31 05:05 85864 ----a-w- c:windowssystem32dnssd.dll

2011-08-31 05:05 . 2011-08-31 05:05 61288 ----a-w- c:windowssystem32jdns_sd.dll

2011-08-31 05:05 . 2011-08-31 05:05 212840 ----a-w- c:windowssystem32dnssdX.dll

2011-08-31 05:05 . 2011-08-31 05:05 83816 ----a-w- c:windowsSysWow64dns-sd.exe

2011-08-31 05:05 . 2011-08-31 05:05 73064 ----a-w- c:windowsSysWow64dnssd.dll

2011-08-31 05:05 . 2011-08-31 05:05 50536 ----a-w- c:windowsSysWow64jdns_sd.dll

2011-08-31 05:05 . 2011-08-31 05:05 178536 ----a-w- c:windowsSysWow64dnssdX.dll

2011-08-27 05:37 . 2011-10-14 02:32 861696 ----a-w- c:windowssystem32oleaut32.dll

2011-08-27 05:37 . 2011-10-14 02:32 331776 ----a-w- c:windowssystem32oleacc.dll

2011-08-27 04:26 . 2011-10-14 02:32 571904 ----a-w- c:windowsSysWow64oleaut32.dll

2011-08-27 04:26 . 2011-10-14 02:32 233472 ----a-w- c:windowsSysWow64oleacc.dll

2011-08-26 22:21 . 2011-08-26 22:21 28056 ----a-w- c:windowssystem32xfcodec64.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2011-01-17 15:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

2011-01-17 15:54 175912 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]

.

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

.

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"OSD_LAUNCH"="c:program files (x86)OSDLaunch.exe" [2010-01-05 32768]

"IAStorIcon"="c:program files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe" [2010-03-04 284696]

"FATrayAlert"="c:program filesAlienwareCommand CenterAlienSenseFATrayMon.exe" [2010-04-04 95560]

"PWRISOVM.EXE"="c:program files (x86)PowerISOPWRISOVM.EXE" [2008-11-02 167936]

.

c:usersGamingAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

OpenOffice.org 3.3.lnk - c:program files (x86)OpenOffice.org 3programquickstart.exe [2010-12-13 1198592]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyFastAccess]

2010-04-04 18:43 144712 ----a-w- c:program filesAlienwareCommand CenterAlienSenseFALogNot.dll

.

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa]

Notification Packages REG_MULTI_SZ scecli FAPassSync

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]

R2 HappyOSD;HappyOSD;c:program files (x86)OSDOSD_Service.exe [2010-01-04 16384]

R3 btusbflt;Bluetooth USB Filter;c:windowssystem32driversbtusbflt.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:windowssystem32DRIVERSbtwl2cap.sys [x]

R3 FACAP;facap, FastAccess Video Capture;c:windowssystem32DRIVERSfacap.sys [x]

R3 IAMTVE;Driver for Intel® Active Management Technology - KCS;c:windowssystem32DRIVERSIAMTVE.sys [x]

R3 IAMTXPE;Driver for Intel® Active Management Technology - KCS;c:windowssystem32DRIVERSIAMTXPE.sys [x]

R3 ioatdma1;ioatdma1;c:windowsSystem32Driversqd162x64.sys [x]

R3 ioatdma2;Intel® QuickData Technology device ver.2;c:windowsSystem32Driversqd262x64.sys [x]

R3 iSSetup;iSSetup;c:windowssystem32DRIVERSiSSetup.sys [x]

R3 ivusb;Initio Driver for USB Default Controller;c:windowssystem32DRIVERSivusb.sys [x]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:windowssystem32driversLGVirHid.sys [x]

R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;c:windowssystem32DRIVERSnetr28ux.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:windowssystem32DRIVERSNisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:program filesMicrosoft Security ClientAntimalwareNisSrv.exe [2011-04-27 288272]

R3 Point64;Microsoft IntelliPoint Filter Driver;c:windowssystem32DRIVERSpoint64.sys [x]

R3 RemoteControl-USBLAN;RemoteControl-USBLAN;c:windowssystem32DRIVERSrcblan.sys [x]

R3 S3XXx64;SCR3xx USB SmartCardReader64;c:windowssystem32DRIVERSS3XXx64.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:program files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:windowssystem32Driversusbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [x]

S0 ioatdma;Intel® QuickData Technology device;c:windowsSystem32Driversioatdma.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:windowssystem32DRIVERSvwififlt.sys [x]

S2 AESTFilters;Andrea ST Filters Service;c:windowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_056607ee0106e5e8AESTSr64.exe [2009-03-03 89600]

S2 AlienFusionService;Alienware Fusion Service;c:program filesAlienwareCommand CenterAlienFusionService.exe [2010-05-21 14648]

S2 FAService;FAService;c:program filesAlienwareCommand CenterAlienSenseFAService.exe [2010-04-04 2409800]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:program files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe [2010-03-04 13336]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe [2011-09-22 2253120]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [2011-09-22 381248]

S3 Acceler;Accelerometer Service;c:windowssystem32DRIVERSAcceler.sys [x]

S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:windowssystem32DRIVERSe1k62x64.sys [x]

S3 itecir;ITECIR Infrared Receiver;c:windowssystem32DRIVERSitecir.sys [x]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:windowssystem32driversLGBusEnum.sys [x]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:windowssystem32DRIVERSMpNWMon.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:windowssystem32driversnvhda64v.sys [x]

S3 RzSynapse;Razer Driver;c:windowssystem32DRIVERSRzSynapse.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:windowssystem32DRIVERSvwifimp.sys [x]

S3 WinRing0_1_2_0;WinRing0_1_2_0;c:program files (x86)OSDWinRing0x64.sys [2008-07-26 14544]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WINRING0_1_2_0

.

Contents of the 'Scheduled Tasks' folder

.

2011-11-14 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-1250342304-491281939-1565465998-1000Core.job

- c:usersJoe GregoryAppDataLocalGoogleUpdateGoogleUpdate.exe [2010-12-13 17:28]

.

2011-11-15 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-1250342304-491281939-1565465998-1000UA.job

- c:usersJoe GregoryAppDataLocalGoogleUpdateGoogleUpdate.exe [2010-12-13 17:28]

.

2011-11-14 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-1250342304-491281939-1565465998-1006Core.job

- c:usersGamingAppDataLocalGoogleUpdateGoogleUpdate.exe [2011-10-31 18:03]

.

2011-11-15 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-1250342304-491281939-1565465998-1006UA.job

- c:usersGamingAppDataLocalGoogleUpdateGoogleUpdate.exe [2011-10-31 18:03]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"SysTrayApp"="c:program filesIDTWDMsttray64.exe" [2009-09-16 487424]

"Broadcom Wireless Manager UI"="c:program filesDellDW WLAN CardWLTRAY.exe" [2009-12-17 5470208]

"IntelliPoint"="c:program filesMicrosoft IntelliPointipoint.exe" [2010-07-21 2327952]

"MSC"="c:program filesMicrosoft Security Clientmsseces.exe" [2011-06-15 1436736]

"NVHotkey"="c:windowssystem32nvHotkey.dll" [2011-05-21 326760]

.

------- Supplementary Scan -------

.

uLocal Page = c:windowssystem32blank.htm

uStart Page = hxxp://www.alienware.com/

mLocal Page = c:windowsSysWOW64blank.htm

TCP: DhcpNameServer = 10.0.0.1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil10u_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}LocalServer32]

@="c:WindowsSysWOW64MacromedFlashFlashUtil10u_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash10u.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash10u.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash10u.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash10u.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]

"value"="?07000a14,08?"

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]

@Denied: (Full) (Everyone)

.

Completion time: 2011-11-15 11:52:48

ComboFix-quarantined-files.txt 2011-11-15 17:52

ComboFix2.txt 2011-11-15 17:36

.

Pre-Run: 254,380,806,144 bytes free

Post-Run: 254,086,590,464 bytes free

.

- - End Of File - - 6BA3810D035D57EC0A2FB1335716AAA5

Edited by Joe Gregory III


Well after running combo fix the issues seem to be gone. Let me know if there's anything else I need to do or not do :)

 

 

 

 

 

Edit: Spoke too soon, back to the way it was before. Standing by for more instruction!

Edited by Joe Gregory III


Hi,

 

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    DDS::
    
    mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
    
    BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    
    BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
    
    TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
    TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    
    BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    BHO-X64:		 Conduit Engine - No File
    
    BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
    BHO-X64:		 Vuze Remote - No File
    
    TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
    TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    
    RegNull::
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD\1*]
    
    Registry::
    
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\DbgagD]
    
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{ba14329e-9550-4989-b3f2-9732e92d17cc}"=-
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
    
    DirLook::
    
    c:\users\Joe Gregory\.swt
    
  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

     

    Posted Image

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

----------


ComboFix 11-11-15.01 - Gaming 11/15/2011 18:23:47.3.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6133.4081 [GMT -8:00]

Running from: c:\users\Gaming\Desktop\ComboFix.exe

Command switches used :: c:\users\Gaming\Desktop\cfscript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2011-10-16 to 2011-11-16 )))))))))))))))))))))))))))))))

.

.

2011-11-16 02:33 . 2011-11-16 02:33 -------- d-----w- c:usersUpdatusUserAppDataLocaltemp

2011-11-16 02:33 . 2011-11-16 02:33 -------- d-----w- c:usersJoe GregoryAppDataLocaltemp

2011-11-16 02:33 . 2011-11-16 02:33 -------- d-----w- c:usersDefaultAppDataLocaltemp

2011-11-15 17:54 . 2011-11-15 17:54 69000 ----a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition Updates{B9E7DB3B-936C-4526-8369-F180231FDAC0}offreg.dll

2011-11-15 17:53 . 2011-10-18 07:27 8570192 ----a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition Updates{B9E7DB3B-936C-4526-8369-F180231FDAC0}mpengine.dll

2011-11-15 16:32 . 2011-10-18 07:27 8570192 ----a-w- c:programdataMicrosoftMicrosoft AntimalwareDefinition UpdatesBackupmpengine.dll

2011-11-14 18:50 . 2011-11-14 18:50 -------- d-----w- c:usersJoe GregoryAppDataLocalNVIDIA Corporation

2011-11-14 04:29 . 2011-11-14 04:29 -------- d-----w- c:windowssystem32temp

2011-11-14 04:29 . 2011-11-14 04:29 -------- d-----w- c:programdataPassMark

2011-11-14 04:29 . 2011-11-14 04:29 -------- d-----w- c:program filesBurnInTest

2011-11-13 23:26 . 2011-10-04 23:22 917840 ------w- c:programdataMicrosoftMicrosoft AntimalwareDefinition Updates{0DC5CDD5-D6B7-44A8-8969-9D6F8EF67811}gapaengine.dll

2011-11-13 23:13 . 2011-11-13 23:13 -------- d-----w- c:program files (x86)Microsoft Security Client

2011-11-13 23:13 . 2011-11-13 23:13 -------- d-----w- c:program filesMicrosoft Security Client

2011-11-13 23:08 . 2011-11-15 17:08 -------- d-----w- c:programdataPCPitstop

2011-11-13 22:48 . 2011-11-13 22:48 -------- d-----w- c:program files (x86)CPU Speed Pro

2011-11-13 22:00 . 2011-11-13 22:00 -------- d-----w- c:usersUpdatusUserAppDataLocalMicrosoft

2011-11-13 19:42 . 2011-11-13 19:42 -------- d-----w- c:program files (x86)Seagate

2011-11-13 18:31 . 2011-11-13 19:05 -------- d-----w- c:program files (x86)WinTools Software

2011-11-13 17:56 . 2011-11-13 21:56 -------- d-----w- c:usersTest

2011-11-13 16:56 . 2011-11-13 16:56 -------- d-----w- c:program filesCPUID

2011-11-13 15:58 . 2011-11-13 15:58 -------- d-----w- c:programdataNVIDIA Corporation

2011-11-13 14:47 . 2011-11-13 14:47 -------- d-----w- c:usersJoe GregoryAppDataRoamingMalwarebytes

2011-11-13 14:47 . 2011-11-13 14:47 -------- d-----w- c:programdataMalwarebytes

2011-11-13 14:47 . 2011-11-13 21:56 -------- d-----w- c:program files (x86)Malwarebytes' Anti-Malware

2011-11-13 14:40 . 2011-11-13 14:40 -------- d-----w- c:usersJoe GregoryAppDataLocalSkyrim

2011-11-13 06:31 . 2011-11-13 06:31 -------- d-----w- c:program files (x86)CleanMyPC

2011-11-09 22:18 . 2011-10-01 05:45 886784 ----a-w- c:program filesCommon FilesSystemwab32.dll

2011-11-09 22:18 . 2011-10-01 04:37 708608 ----a-w- c:program files (x86)Common FilesSystemwab32.dll

2011-11-09 22:18 . 2011-09-29 16:29 1923952 ----a-w- c:windowssystem32driverstcpip.sys

2011-11-09 22:18 . 2011-09-29 04:03 3144704 ----a-w- c:windowssystem32win32k.sys

2011-11-09 05:20 . 2011-11-09 05:20 -------- d-----w- c:usersJoe GregoryAppDataLocalwb games

2011-10-31 18:00 . 2011-11-13 22:07 -------- d-----w- c:usersGaming

2011-10-30 14:00 . 2011-10-30 14:00 -------- d-----w- c:usersJoe GregoryAppDataLocalChromium

2011-10-29 22:43 . 2011-10-29 22:43 -------- d-----w- c:program files (x86)PKR

2011-10-29 17:02 . 2011-07-07 23:21 29288 ----a-w- c:windowssystem32nvhdap64.dll

2011-10-29 17:02 . 2011-07-07 23:21 174184 ----a-w- c:windowssystem32driversnvhda64v.sys

2011-10-29 17:02 . 2011-07-07 23:21 1452648 ----a-w- c:windowssystem32nvhdagenco6420102.dll

2011-10-29 17:02 . 2011-09-22 22:41 1533248 ----a-w- c:windowssystem32nvdispco64.dll

2011-10-29 17:02 . 2011-09-22 22:41 1454400 ----a-w- c:windowssystem32nvgenco64.dll

2011-10-29 16:59 . 2011-11-13 21:50 -------- d-----w- C:NVIDIA

2011-10-29 16:11 . 2011-10-29 16:11 -------- d-----w- c:program files (x86)Common FilesJava

2011-10-28 19:56 . 2011-10-30 03:33 -------- d-----w- c:usersJoe GregoryAppDataLocalESN Sonar

2011-10-28 17:54 . 2011-10-31 05:02 280904 ----a-w- c:windowsSysWow64PnkBstrB.xtr

2011-10-28 17:54 . 2011-10-28 17:54 -------- d-----w- c:usersJoe GregoryAppDataLocalPunkBuster

2011-10-28 17:54 . 2011-10-28 17:54 -------- d-----w- c:program files (x86)Battlelog Web Plugins

2011-10-28 17:52 . 2011-10-28 17:52 -------- d-----w- c:programdataEA Core

2011-10-28 17:50 . 2011-10-28 17:50 -------- d--h--w- c:program files (x86)Common FilesEAInstaller

2011-10-28 17:49 . 2011-10-31 05:02 280904 ----a-w- c:windowsSysWow64PnkBstrB.exe

2011-10-28 17:49 . 2011-10-31 04:38 280904 ----a-w- c:windowsSysWow64PnkBstrB.ex0

2011-10-28 17:49 . 2011-10-28 17:49 75136 ----a-w- c:windowsSysWow64PnkBstrA.exe

2011-10-26 23:56 . 2008-03-05 21:56 4910088 ----a-w- c:windowssystem32D3DX9_37.dll

2011-10-26 22:23 . 2011-10-26 22:41 -------- d-----w- c:usersJoe GregoryAppDataRoamingOrigin

2011-10-26 22:23 . 2011-10-28 17:53 -------- d-----w- c:usersJoe GregoryAppDataLocalOrigin

2011-10-26 22:23 . 2011-11-13 21:54 -------- d-----w- c:programdataOrigin

2011-10-26 22:23 . 2011-11-13 21:52 -------- d-----w- c:programdataElectronic Arts

2011-10-26 22:23 . 2011-11-13 21:50 -------- d-----w- c:program files (x86)Origin Games

2011-10-26 22:22 . 2011-11-13 21:54 -------- d-----w- c:program files (x86)Origin

2011-10-26 21:41 . 2011-10-26 21:41 -------- d-----w- c:usersJoe Gregory.swt

2011-10-25 13:45 . 2011-10-25 13:46 -------- d-----w- c:program filesiTunes

2011-10-25 13:45 . 2011-10-25 13:46 -------- d-----w- c:program files (x86)iTunes

2011-10-25 13:45 . 2011-10-25 13:45 -------- d-----w- c:program filesiPod

2011-10-25 13:44 . 2011-10-25 13:44 -------- d-----w- c:program filesBonjour

2011-10-25 13:44 . 2011-10-25 13:44 -------- d-----w- c:program files (x86)Bonjour

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-03 11:06 . 2010-11-30 05:04 472808 ----a-w- c:windowsSysWow64deployJava1.dll

2011-09-01 05:24 . 2011-10-14 08:05 2309120 ----a-w- c:windowssystem32jscript9.dll

2011-09-01 05:17 . 2011-10-14 08:05 1389056 ----a-w- c:windowssystem32wininet.dll

2011-09-01 05:12 . 2011-10-14 08:05 2382848 ----a-w- c:windowssystem32mshtml.tlb

2011-09-01 02:35 . 2011-10-14 08:05 1798144 ----a-w- c:windowsSysWow64jscript9.dll

2011-09-01 02:28 . 2011-10-14 08:05 1126912 ----a-w- c:windowsSysWow64wininet.dll

2011-09-01 02:22 . 2011-10-14 08:05 2382848 ----a-w- c:windowsSysWow64mshtml.tlb

2011-08-31 05:05 . 2011-08-31 05:05 96104 ----a-w- c:windowssystem32dns-sd.exe

2011-08-31 05:05 . 2011-08-31 05:05 85864 ----a-w- c:windowssystem32dnssd.dll

2011-08-31 05:05 . 2011-08-31 05:05 61288 ----a-w- c:windowssystem32jdns_sd.dll

2011-08-31 05:05 . 2011-08-31 05:05 212840 ----a-w- c:windowssystem32dnssdX.dll

2011-08-31 05:05 . 2011-08-31 05:05 83816 ----a-w- c:windowsSysWow64dns-sd.exe

2011-08-31 05:05 . 2011-08-31 05:05 73064 ----a-w- c:windowsSysWow64dnssd.dll

2011-08-31 05:05 . 2011-08-31 05:05 50536 ----a-w- c:windowsSysWow64jdns_sd.dll

2011-08-31 05:05 . 2011-08-31 05:05 178536 ----a-w- c:windowsSysWow64dnssdX.dll

2011-08-27 05:37 . 2011-10-14 02:32 861696 ----a-w- c:windowssystem32oleaut32.dll

2011-08-27 05:37 . 2011-10-14 02:32 331776 ----a-w- c:windowssystem32oleacc.dll

2011-08-27 04:26 . 2011-10-14 02:32 571904 ----a-w- c:windowsSysWow64oleaut32.dll

2011-08-27 04:26 . 2011-10-14 02:32 233472 ----a-w- c:windowsSysWow64oleacc.dll

2011-08-26 22:21 . 2011-08-26 22:21 28056 ----a-w- c:windowssystem32xfcodec64.dll

.

.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

---- Directory of c:usersJoe Gregory.swt ----

.

2011-10-26 21:41 . 2011-10-26 21:41 118784 ----a-w- c:usersJoe Gregory.swtlibwin32x86swt-gdip-win32-3802.dll

2011-10-26 21:41 . 2011-10-26 21:41 430080 ----a-w- c:usersJoe Gregory.swtlibwin32x86swt-win32-3802.dll

.

.

((((((((((((((((((((((((((((( [email protected]_17.32.30 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-12-19 18:22 . 2011-11-16 02:15 389522 c:windowssystem32wdiSuspendPerformanceDiagnostics_SystemData_S3.bin

+ 2009-07-14 02:36 . 2011-11-16 01:28 662674 c:windowssystem32perfh009.dat

- 2009-07-14 02:36 . 2011-11-13 23:13 662674 c:windowssystem32perfh009.dat

+ 2009-07-14 02:36 . 2011-11-16 01:28 122470 c:windowssystem32perfc009.dat

- 2009-07-14 02:36 . 2011-11-13 23:13 122470 c:windowssystem32perfc009.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun]

"OSD_LAUNCH"="c:program files (x86)OSDLaunch.exe" [2010-01-05 32768]

"IAStorIcon"="c:program files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe" [2010-03-04 284696]

"FATrayAlert"="c:program filesAlienwareCommand CenterAlienSenseFATrayMon.exe" [2010-04-04 95560]

"PWRISOVM.EXE"="c:program files (x86)PowerISOPWRISOVM.EXE" [2008-11-02 167936]

.

c:usersGamingAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

OpenOffice.org 3.3.lnk - c:program files (x86)OpenOffice.org 3programquickstart.exe [2010-12-13 1198592]

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifyFastAccess]

2010-04-04 18:43 144712 ----a-w- c:program filesAlienwareCommand CenterAlienSenseFALogNot.dll

.

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa]

Notification Packages REG_MULTI_SZ scecli FAPassSync

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalMsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-03-18 138576]

R2 HappyOSD;HappyOSD;c:program files (x86)OSDOSD_Service.exe [2010-01-04 16384]

R3 btusbflt;Bluetooth USB Filter;c:windowssystem32driversbtusbflt.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:windowssystem32DRIVERSbtwl2cap.sys [x]

R3 FACAP;facap, FastAccess Video Capture;c:windowssystem32DRIVERSfacap.sys [x]

R3 IAMTVE;Driver for Intel® Active Management Technology - KCS;c:windowssystem32DRIVERSIAMTVE.sys [x]

R3 IAMTXPE;Driver for Intel® Active Management Technology - KCS;c:windowssystem32DRIVERSIAMTXPE.sys [x]

R3 ioatdma1;ioatdma1;c:windowsSystem32Driversqd162x64.sys [x]

R3 ioatdma2;Intel® QuickData Technology device ver.2;c:windowsSystem32Driversqd262x64.sys [x]

R3 iSSetup;iSSetup;c:windowssystem32DRIVERSiSSetup.sys [x]

R3 ivusb;Initio Driver for USB Default Controller;c:windowssystem32DRIVERSivusb.sys [x]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:windowssystem32driversLGVirHid.sys [x]

R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;c:windowssystem32DRIVERSnetr28ux.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:windowssystem32DRIVERSNisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:program filesMicrosoft Security ClientAntimalwareNisSrv.exe [2011-04-27 288272]

R3 Point64;Microsoft IntelliPoint Filter Driver;c:windowssystem32DRIVERSpoint64.sys [x]

R3 RemoteControl-USBLAN;RemoteControl-USBLAN;c:windowssystem32DRIVERSrcblan.sys [x]

R3 S3XXx64;SCR3xx USB SmartCardReader64;c:windowssystem32DRIVERSS3XXx64.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:program files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:windowssystem32Driversusbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe [x]

S0 ioatdma;Intel® QuickData Technology device;c:windowsSystem32Driversioatdma.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:windowssystem32DRIVERSvwififlt.sys [x]

S2 AESTFilters;Andrea ST Filters Service;c:windowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_056607ee0106e5e8AESTSr64.exe [2009-03-03 89600]

S2 AlienFusionService;Alienware Fusion Service;c:program filesAlienwareCommand CenterAlienFusionService.exe [2010-05-21 14648]

S2 FAService;FAService;c:program filesAlienwareCommand CenterAlienSenseFAService.exe [2010-04-04 2409800]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:program files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe [2010-03-04 13336]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:program files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe [2011-09-22 2253120]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [2011-09-22 381248]

S3 Acceler;Accelerometer Service;c:windowssystem32DRIVERSAcceler.sys [x]

S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:windowssystem32DRIVERSe1k62x64.sys [x]

S3 itecir;ITECIR Infrared Receiver;c:windowssystem32DRIVERSitecir.sys [x]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:windowssystem32driversLGBusEnum.sys [x]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:windowssystem32DRIVERSMpNWMon.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:windowssystem32driversnvhda64v.sys [x]

S3 RzSynapse;Razer Driver;c:windowssystem32DRIVERSRzSynapse.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:windowssystem32DRIVERSvwifimp.sys [x]

S3 WinRing0_1_2_0;WinRing0_1_2_0;c:program files (x86)OSDWinRing0x64.sys [2008-07-26 14544]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WINRING0_1_2_0

.

Contents of the 'Scheduled Tasks' folder

.

2011-11-14 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-1250342304-491281939-1565465998-1000Core.job

- c:usersJoe GregoryAppDataLocalGoogleUpdateGoogleUpdate.exe [2010-12-13 17:28]

.

2011-11-16 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-1250342304-491281939-1565465998-1000UA.job

- c:usersJoe GregoryAppDataLocalGoogleUpdateGoogleUpdate.exe [2010-12-13 17:28]

.

2011-11-15 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-1250342304-491281939-1565465998-1006Core.job

- c:usersGamingAppDataLocalGoogleUpdateGoogleUpdate.exe [2011-10-31 18:03]

.

2011-11-16 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-1250342304-491281939-1565465998-1006UA.job

- c:usersGamingAppDataLocalGoogleUpdateGoogleUpdate.exe [2011-10-31 18:03]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"SysTrayApp"="c:program filesIDTWDMsttray64.exe" [2009-09-16 487424]

"Broadcom Wireless Manager UI"="c:program filesDellDW WLAN CardWLTRAY.exe" [2009-12-17 5470208]

"IntelliPoint"="c:program filesMicrosoft IntelliPointipoint.exe" [2010-07-21 2327952]

"MSC"="c:program filesMicrosoft Security Clientmsseces.exe" [2011-06-15 1436736]

"NVHotkey"="c:windowssystem32nvHotkey.dll" [2011-05-21 326760]

.

------- Supplementary Scan -------

.

uLocal Page = c:windowssystem32blank.htm

uStart Page = hxxp://www.alienware.com/

mLocal Page = c:windowsSysWOW64blank.htm

TCP: DhcpNameServer = 10.0.0.1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil10u_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}LocalServer32]

@="c:WindowsSysWOW64MacromedFlashFlashUtil10u_ActiveX.exe"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{A483C63A-CDBC-426E-BF93-872502E8144E}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash10u.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash10u.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32]

@="c:WindowsSysWOW64MacromedFlashFlash10u.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32]

@="c:WindowsSysWOW64MacromedFlashFlash10u.ocx, 1"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version]

@="1.0"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]

@Denied: (Full) (Everyone)

.

Completion time: 2011-11-15 18:37:30

ComboFix-quarantined-files.txt 2011-11-16 02:37

ComboFix2.txt 2011-11-15 17:52

ComboFix3.txt 2011-11-15 17:36

.

Pre-Run: 255,614,681,088 bytes free

Post-Run: 255,560,253,440 bytes free

.

- - End Of File - - 878D62A0EC5FCA68008FE3CE08756365


Hi,

I see that you have Malwarebytes on your system. Please open Malwarebytes, update it and then run a Quick Scan. Please save the log that is created for your next reply.

----------

 

 

ESET Online Scanner

I'd like us to scan your machine with ESET Online Scan.

Note: It is recommended to disable on-board anti-virus and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.

Please don't go surfing while your resident protection is disabled!

Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.

As a Vista/Win7 user you will need to right click your browser icon and select "Run as Administrator" in order to run this scan.

  • Do not use this instance of your browser for anything besides doing this scan
  • When the scan is complete and the results saved, close that instance of your browser
  • Open a new one the usual way and post the results in this topic.
  • Right-click and Run as Administrator on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

  • Push the Back button.
  • Push Finish
http://www.eset.com/onlinescan/

----------

 

In your next reply please post the logs created by Malwarebytes and ESET online scanner. :)


Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

 

Database version: 8176

 

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

 

11/16/2011 11:14:54 AM

mbam-log-2011-11-16 (11-14-54).txt

 

Scan type: Quick scan

Objects scanned: 211724

Time elapsed: 2 minute(s), 27 second(s)

 

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

 

Memory Processes Infected:

(No malicious items detected)

 

Memory Modules Infected:

(No malicious items detected)

 

Registry Keys Infected:

(No malicious items detected)

 

Registry Values Infected:

(No malicious items detected)

 

Registry Data Items Infected:

(No malicious items detected)

 

Folders Infected:

(No malicious items detected)

 

Files Infected:

(No malicious items detected)

ESET did not give me an option to export, as it said there were no threats found.

Edited by Joe Gregory III


Hi Joe,

Please run DDS once more and post both of the logs that are created into your next reply. :)

When we remove our tools I will give you some good information you can look over to help you prevent possible future infections.


.

DDS (Ver_2011-06-23.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Joe Gregory at 10:04:31 on 2011-11-17

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6133.2493 [GMT -8:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:Windowssystem32wininit.exe

C:Windowssystem32lsm.exe

C:Windowssystem32svchost.exe -k DcomLaunch

C:Windowssystem32nvvsvc.exe

C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe

C:Windowssystem32svchost.exe -k RPCSS

c:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe

C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted

C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted

C:Program FilesAlienwareCommand CenterAlienSenseFAService.exe

C:Windowssystem32svchost.exe -k netsvcs

C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_056607ee0106e5e8STacSV64.exe

C:Windowssystem32svchost.exe -k LocalService

C:Windowssystem32WUDFHost.exe

C:Windowssystem32WUDFHost.exe

C:Program FilesDellDW WLAN CardWLTRYSVC.EXE

C:Windowssystem32WLANExt.exe

C:Windowssystem32conhost.exe

C:Program FilesDellDW WLAN Cardbcmwltry.exe

C:WindowsSystem32spoolsv.exe

C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation

C:Windowssystem32svchost.exe -k LocalServiceNoNetwork

C:WindowsSystem32svchost.exe -k NetworkService

C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_056607ee0106e5e8AESTSr64.exe

C:Program FilesAlienwareCommand CenterAlienFusionService.exe

C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe

C:Program FilesBonjourmDNSResponder.exe

c:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe

C:Program Files (x86)OSDOSD_Service.exe

C:Program Files (x86)Common FilesNeroNero BackItUp 4NBService.exe

C:WindowsSystem32svchost.exe -k HPZ12

C:Program Files (x86)NVIDIA CorporationnTunenTuneService.exe

C:WindowsSystem32svchost.exe -k HPZ12

C:WindowsSysWOW64PnkBstrA.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe

C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted

C:Windowssystem32wbemwmiprvse.exe

C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe

C:Program Files (x86)Common FilesIntuitUpdate ServiceIntuitUpdateService.exe

C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe

C:Windowssystem32SearchIndexer.exe

C:Windowssystem32taskhost.exe

c:Program FilesMicrosoft Security ClientAntimalwareNisSrv.exe

C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe

C:Windowssystem32nvvsvc.exe

C:Program FilesWindows Media Playerwmpnetwk.exe

C:Windowssystem32taskhost.exe

C:Windowssystem32Dwm.exe

C:WindowsExplorer.EXE

C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe

C:Program FilesIDTWDMsttray64.exe

C:Program FilesDellDW WLAN CardWLTRAY.EXE

C:Program FilesMicrosoft IntelliPointipoint.exe

C:Program FilesMicrosoft Security Clientmsseces.exe

C:Program FilesMicrosoft IntelliPointdpupdchk.exe

C:Program FilesNVIDIA CorporationDisplaynvtray.exe

C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe

C:Program FilesAlienwareCommand CenterAlienSenseFATrayMon.exe

C:Program Files (x86)POWERISOPWRISOVM.EXE

C:Program Files (x86)OSDOSD_Main.exe

C:Program FilesAlienwareCommand CenterAlienSenseFATrayAlert.exe

C:Program Files (x86)Common FilesSteamSteamService.exe

C:UsersGamingAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersGamingAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersGamingAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersGamingAppDataLocalGoogleChromeApplicationchrome.exe

C:WindowsSysWOW64rundll32.exe

C:UsersGamingAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersGamingAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersGamingAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersGamingAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersGamingAppDataLocalGoogleChromeApplicationchrome.exe

C:Program Files (x86)AdobeReader 9.0ReaderAcroRd32.exe

C:UsersGamingAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersGamingAppDataLocalGoogleChromeApplicationchrome.exe

C:Program Files (x86)Common FilesAdobeUpdater6Adobe_Updater.exe

C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe

C:Windowssystem32nvvsvc.exe

C:Windowssystem32taskhost.exe

C:Windowssystem32taskeng.exe

C:Windowssystem32Dwm.exe

C:Program Files (x86)IObitGame Boostergbtray.exe

C:WindowsExplorer.EXE

C:Program FilesIDTWDMsttray64.exe

C:Program FilesDellDW WLAN CardWLTRAY.EXE

C:Program FilesMicrosoft IntelliPointipoint.exe

C:Program FilesMicrosoft Security Clientmsseces.exe

C:UsersJoe GregoryAppDataLocalGoogleUpdateGoogleUpdate.exe

C:Program Files (x86)SteamSteam.exe

C:Program Files (x86)VuzeAzureus.exe

C:UsersJoe GregoryAppDataRoamingDropboxbinDropbox.exe

C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe

C:Program FilesAlienwareCommand CenterAlienSenseFATrayMon.exe

C:Program Files (x86)POWERISOPWRISOVM.EXE

C:UsersJoe GregoryAppDataLocalGoogleUpdate1.3.21.79GoogleCrashHandler.exe

C:Program Files (x86)OSDOSD_Main.exe

C:Program Files (x86)NVIDIA CorporationnTunenTuneCmd.exe

C:Program FilesAlienwareCommand CenterAlienSenseFATrayAlert.exe

C:Program FilesMicrosoft IntelliPointdpupdchk.exe

C:Program FilesAlienwareCommand CenterAlienFusionController.exe

C:Program FilesWindows Media PlayerWMPSideShowGadget.exe

C:Program Files (x86)Windows Media Playerwmplayer.exe

C:UsersJoe GregoryAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersJoe GregoryAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersJoe GregoryAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersJoe GregoryAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersJoe GregoryAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersJoe GregoryAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersJoe GregoryAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersJoe GregoryAppDataLocalGoogleChromeApplicationchrome.exe

C:UsersJoe GregoryAppDataLocalGoogleChromeApplicationchrome.exe

C:Windowssystem32DllHost.exe

C:Windowssystem32DllHost.exe

C:WindowsSysWOW64cmd.exe

C:Windowssystem32conhost.exe

C:WindowsSysWOW64cscript.exe

C:Windowssystem32wbemwmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uDefault_Page_URL = hxxp://www.alienware.com/

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll

uURLSearchHooks: H - No File

mURLSearchHooks: H - No File

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

BHO: SSOIEAddonBHO Class: {da5bce70-d057-4d63-943d-5f3927ec59f1} - C:Program FilesAlienwareCommand CenterAlienSenseFAIESSO.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:Program Files (x86)Javajre6binjp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:Program Files (x86)Yahoo!CompanionInstallscpnYTSingleInstance.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll

{555d4d79-4bd2-4094-a395-cfc534424a05}

uRun: [Google Update] "C:UsersJoe GregoryAppDataLocalGoogleUpdateGoogleUpdate.exe" /c

uRun: [steam] "C:Program Files (x86)Steamsteam.exe" -silent

uRun: [skype] "C:Program Files (x86)SkypePhoneSkype.exe" /nosplash /minimized

uRun: [Azureus] C:Program Files (x86)VuzeAzureus.exe

mRun: [OSD_LAUNCH] c:Program Files (x86)OSDLaunch.exe

mRun: [iAStorIcon] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe

mRun: [FATrayAlert] C:Program FilesAlienwareCommand CenterAlienSenseFATrayMon.exe

mRun: [PWRISOVM.EXE] C:Program Files (x86)PowerISOPWRISOVM.EXE

mRun: [FAStartup]

mRun: [Malwarebytes' Anti-Malware] "C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe" /starttray

StartupFolder: C:UsersJOEGRE~1AppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupDropbox.lnk - C:UsersJoe GregoryAppDataRoamingDropboxbinDropbox.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Send image to &Bluetooth Device... - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: intuit.comttlc

Trusted Zone: soe.com

Trusted Zone: sony.com

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll

TCP: DhcpNameServer = 10.0.0.1

TCP: Interfaces{13FE863B-B116-42FB-A2B1-748C35E9E8B2} : DhcpNameServer = 192.168.0.1

TCP: Interfaces{13FE863B-B116-42FB-A2B1-748C35E9E8B2}35963535976596C6C61676560214C6C60235579647560284F64756C6 : DhcpNameServer = 192.168.0.1

TCP: Interfaces{13FE863B-B116-42FB-A2B1-748C35E9E8B2}35963737976596C6C61676560214C6C60235579647560284F64756C602 : DhcpNameServer = 192.168.0.1

TCP: Interfaces{2CC954AF-5EC3-4C88-9C11-CA990A296B21} : DhcpNameServer = 12.127.16.67 69.60.160.196

TCP: Interfaces{F3F200F6-E432-4BDC-94CC-47AEDE094030} : DhcpNameServer = 10.0.0.1

TCP: Interfaces{F3F200F6-E432-4BDC-94CC-47AEDE094030}2456C6B696E6F5E4F575962756C6563737 : DhcpNameServer = 192.168.2.1

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

Notify: FastAccess - C:Program FilesAlienwareCommand CenterAlienSenseFALogNot.dll

LSA: Notification Packages = scecli FAPassSync

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

BHO-X64: SSOIEAddonBHO Class: {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:Program FilesAlienwareCommand CenterAlienSenseFAIESSO.dll

BHO-X64: SSOIEAddonBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dll

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:Program Files (x86)Yahoo!CompanionInstallscpnYTSingleInstance.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [OSD_LAUNCH] c:Program Files (x86)OSDLaunch.exe

mRun-x64: [iAStorIcon] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe

mRun-x64: [FATrayAlert] C:Program FilesAlienwareCommand CenterAlienSenseFATrayMon.exe

mRun-x64: [PWRISOVM.EXE] C:Program Files (x86)PowerISOPWRISOVM.EXE

mRun-x64: [FAStartup]

mRun-x64: [Malwarebytes' Anti-Malware] "C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe" /starttray

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm

.

============= SERVICES / DRIVERS ===============

.

R0 ioatdma;Intel® QuickData Technology device;C:Windowssystem32Driversioatdma.sys --> C:Windowssystem32Driversioatdma.sys [?]

R1 MpFilter;Microsoft Malware Protection Driver;C:Windowssystem32DRIVERSMpFilter.sys --> C:Windowssystem32DRIVERSMpFilter.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:Windowssystem32DRIVERSvwififlt.sys --> C:Windowssystem32DRIVERSvwififlt.sys [?]

R2 AESTFilters;Andrea ST Filters Service;C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_056607ee0106e5e8AESTSr64.exe [2010-10-27 89600]

R2 AlienFusionService;Alienware Fusion Service;C:Program FilesAlienwareCommand CenterAlienFusionService.exe [2010-5-21 14648]

R2 FAService;FAService;C:Program FilesAlienwareCommand CenterAlienSenseFAService.exe [2010-4-4 2409800]

R2 HappyOSD;HappyOSD;C:Program Files (x86)OSDOSD_Service.exe [2010-1-4 16384]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe [2010-11-29 13336]

R2 MBAMService;MBAMService;C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2011-11-16 366152]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe [2011-5-30 2253120]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [2011-9-22 381248]

R3 Acceler;Accelerometer Service;C:Windowssystem32DRIVERSAcceler.sys --> C:Windowssystem32DRIVERSAcceler.sys [?]

R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:Windowssystem32DRIVERSe1k62x64.sys --> C:Windowssystem32DRIVERSe1k62x64.sys [?]

R3 itecir;ITECIR Infrared Receiver;C:Windowssystem32DRIVERSitecir.sys --> C:Windowssystem32DRIVERSitecir.sys [?]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:Windowssystem32driversLGBusEnum.sys --> C:Windowssystem32driversLGBusEnum.sys [?]

R3 MBAMProtector;MBAMProtector;??C:Windowssystem32driversmbam.sys --> C:Windowssystem32driversmbam.sys [?]

R3 MpNWMon;Microsoft Malware Protection Network Driver;C:Windowssystem32DRIVERSMpNWMon.sys --> C:Windowssystem32DRIVERSMpNWMon.sys [?]

R3 NisDrv;Microsoft Network Inspection System;C:Windowssystem32DRIVERSNisDrvWFP.sys --> C:Windowssystem32DRIVERSNisDrvWFP.sys [?]

R3 NisSrv;Microsoft Network Inspection;C:Program FilesMicrosoft Security ClientAntimalwareNisSrv.exe [2011-4-27 288272]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:Windowssystem32driversnvhda64v.sys --> C:Windowssystem32driversnvhda64v.sys [?]

R3 RzSynapse;Razer Driver;C:Windowssystem32DRIVERSRzSynapse.sys --> C:Windowssystem32DRIVERSRzSynapse.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:Windowssystem32DRIVERSvwifimp.sys --> C:Windowssystem32DRIVERSvwifimp.sys [?]

R3 WinRing0_1_2_0;WinRing0_1_2_0;C:Program Files (x86)OSDWinRing0x64.sys [2008-7-26 14544]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]

S3 btusbflt;Bluetooth USB Filter;C:Windowssystem32driversbtusbflt.sys --> C:Windowssystem32driversbtusbflt.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:Windowssystem32DRIVERSbtwl2cap.sys --> C:Windowssystem32DRIVERSbtwl2cap.sys [?]

S3 FACAP;facap, FastAccess Video Capture;C:Windowssystem32DRIVERSfacap.sys --> C:Windowssystem32DRIVERSfacap.sys [?]

S3 IAMTVE;Driver for Intel® Active Management Technology - KCS;C:Windowssystem32DRIVERSIAMTVE.sys --> C:Windowssystem32DRIVERSIAMTVE.sys [?]

S3 IAMTXPE;Driver for Intel® Active Management Technology - KCS;C:Windowssystem32DRIVERSIAMTXPE.sys --> C:Windowssystem32DRIVERSIAMTXPE.sys [?]

S3 ioatdma1;ioatdma1;C:Windowssystem32Driversqd162x64.sys --> C:Windowssystem32Driversqd162x64.sys [?]

S3 ioatdma2;Intel® QuickData Technology device ver.2;C:Windowssystem32Driversqd262x64.sys --> C:Windowssystem32Driversqd262x64.sys [?]

S3 iSSetup;iSSetup;C:Windowssystem32DRIVERSiSSetup.sys --> C:Windowssystem32DRIVERSiSSetup.sys [?]

S3 ivusb;Initio Driver for USB Default Controller;C:Windowssystem32DRIVERSivusb.sys --> C:Windowssystem32DRIVERSivusb.sys [?]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:Windowssystem32driversLGVirHid.sys --> C:Windowssystem32driversLGVirHid.sys [?]

S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;C:Windowssystem32DRIVERSnetr28ux.sys --> C:Windowssystem32DRIVERSnetr28ux.sys [?]

S3 RemoteControl-USBLAN;RemoteControl-USBLAN;C:Windowssystem32DRIVERSrcblan.sys --> C:Windowssystem32DRIVERSrcblan.sys [?]

S3 S3XXx64;SCR3xx USB SmartCardReader64;C:Windowssystem32DRIVERSS3XXx64.sys --> C:Windowssystem32DRIVERSS3XXx64.sys [?]

S3 SwitchBoard;Adobe SwitchBoard;C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:Windowssystem32driverstsusbflt.sys --> C:Windowssystem32driverstsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:Windowssystem32Driversusbaapl64.sys --> C:Windowssystem32Driversusbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:Windowssystem32WatWatAdminSvc.exe --> C:Windowssystem32WatWatAdminSvc.exe [?]

.

=============== File Associations ===============

.

.txt=UltraEdit.txt

.

=============== Created Last 30 ================

.

2011-11-17 06:16:22 69000 ----a-w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{7DBAFC58-5D92-44BE-BCA5-9EFCE1CCFE6E}offreg.dll

2011-11-17 06:16:17 8570192 ----a-w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{7DBAFC58-5D92-44BE-BCA5-9EFCE1CCFE6E}mpengine.dll

2011-11-16 17:23:37 -------- d-----w- C:Program Files (x86)ESET

2011-11-16 16:58:41 25416 ----a-w- C:WindowsSystem32driversmbam.sys

2011-11-16 16:46:49 -------- d-sh--w- C:$RECYCLE.BIN

2011-11-16 02:37:32 -------- d-----w- C:UsersJoe GregoryAppDataLocaltemp

2011-11-15 17:12:53 98816 ----a-w- C:Windowssed.exe

2011-11-15 17:12:53 518144 ----a-w- C:WindowsSWREG.exe

2011-11-15 17:12:53 256000 ----a-w- C:WindowsPEV.exe

2011-11-15 17:12:53 208896 ----a-w- C:WindowsMBR.exe

2011-11-15 16:32:54 8570192 ----a-w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition UpdatesBackupmpengine.dll

2011-11-14 18:50:55 -------- d-----w- C:UsersJoe GregoryAppDataLocalNVIDIA Corporation

2011-11-14 04:29:13 -------- d-----w- C:WindowsSystem32temp

2011-11-14 04:29:13 -------- d-----w- C:ProgramDataPassMark

2011-11-14 04:29:02 -------- d-----w- C:Program FilesBurnInTest

2011-11-13 23:26:35 917840 ------w- C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{0DC5CDD5-D6B7-44A8-8969-9D6F8EF67811}gapaengine.dll

2011-11-13 23:13:23 -------- d-----w- C:Program Files (x86)Microsoft Security Client

2011-11-13 23:13:13 -------- d-----w- C:Program FilesMicrosoft Security Client

2011-11-13 23:08:41 -------- d-----w- C:ProgramDataPCPitstop

2011-11-13 22:57:47 -------- d-----w- C:Windowspss

2011-11-13 22:48:13 -------- d-----w- C:Program Files (x86)CPU Speed Pro

2011-11-13 19:42:53 -------- d-----w- C:Program Files (x86)Seagate

2011-11-13 18:31:44 -------- d-----w- C:Program Files (x86)WinTools Software

2011-11-13 16:56:39 -------- d-----w- C:Program FilesCPUID

2011-11-13 15:58:01 -------- d-----w- C:ProgramDataNVIDIA Corporation

2011-11-13 14:47:38 -------- d-----w- C:UsersJoe GregoryAppDataRoamingMalwarebytes

2011-11-13 14:47:25 -------- d-----w- C:ProgramDataMalwarebytes

2011-11-13 14:47:19 -------- d-----w- C:Program Files (x86)Malwarebytes' Anti-Malware

2011-11-13 14:40:32 -------- d-----w- C:UsersJoe GregoryAppDataLocalSkyrim

2011-11-13 06:31:21 -------- d-----w- C:Program Files (x86)CleanMyPC

2011-11-09 22:18:24 886784 ----a-w- C:Program FilesCommon FilesSystemwab32.dll

2011-11-09 22:18:24 708608 ----a-w- C:Program Files (x86)Common FilesSystemwab32.dll

2011-11-09 22:18:23 1923952 ----a-w- C:WindowsSystem32driverstcpip.sys

2011-11-09 22:18:20 3144704 ----a-w- C:WindowsSystem32win32k.sys

2011-11-09 05:20:08 -------- d-----w- C:UsersJoe GregoryAppDataLocalwb games

2011-10-31 03:54:25 -------- d-----w- C:UsersJoe GregoryAppDataLocal{1F653DA0-AFFE-473C-9586-85A551C16693}

2011-10-30 14:00:01 -------- d-----w- C:UsersJoe GregoryAppDataLocalChromium

2011-10-29 22:43:36 -------- d-----w- C:Program Files (x86)PKR

2011-10-29 17:02:57 29288 ----a-w- C:WindowsSystem32nvhdap64.dll

2011-10-29 17:02:57 174184 ----a-w- C:WindowsSystem32driversnvhda64v.sys

2011-10-29 17:02:56 1452648 ----a-w- C:WindowsSystem32nvhdagenco6420102.dll

2011-10-29 17:02:41 1533248 ----a-w- C:WindowsSystem32nvdispco64.dll

2011-10-29 17:02:41 1454400 ----a-w- C:WindowsSystem32nvgenco64.dll

2011-10-29 16:59:39 -------- d-----w- C:NVIDIA

2011-10-28 19:56:04 -------- d-----w- C:UsersJoe GregoryAppDataLocalESN Sonar

2011-10-28 17:54:59 280904 ----a-w- C:WindowsSysWow64PnkBstrB.xtr

2011-10-28 17:54:56 -------- d-----w- C:UsersJoe GregoryAppDataLocalPunkBuster

2011-10-28 17:54:00 -------- d-----w- C:Program Files (x86)Battlelog Web Plugins

2011-10-28 17:52:02 -------- d-----w- C:ProgramDataEA Core

2011-10-28 17:50:13 -------- d--h--w- C:Program Files (x86)Common FilesEAInstaller

2011-10-28 17:49:39 280904 ----a-w- C:WindowsSysWow64PnkBstrB.exe

2011-10-28 17:49:39 280904 ----a-w- C:WindowsSysWow64PnkBstrB.ex0

2011-10-28 17:49:38 75136 ----a-w- C:WindowsSysWow64PnkBstrA.exe

2011-10-26 23:56:59 4910088 ----a-w- C:WindowsSystem32D3DX9_37.dll

2011-10-26 22:23:33 -------- d-----w- C:UsersJoe GregoryAppDataRoamingOrigin

2011-10-26 22:23:28 -------- d-----w- C:UsersJoe GregoryAppDataLocalOrigin

2011-10-26 22:23:05 -------- d-----w- C:ProgramDataOrigin

2011-10-26 22:23:05 -------- d-----w- C:ProgramDataElectronic Arts

2011-10-26 22:23:05 -------- d-----w- C:Program Files (x86)Origin Games

2011-10-26 22:22:47 -------- d-----w- C:Program Files (x86)Origin

2011-10-26 21:41:26 -------- d-----w- C:UsersJoe Gregory.swt

2011-10-25 13:45:57 -------- d-----w- C:Program FilesiTunes

2011-10-25 13:45:57 -------- d-----w- C:Program FilesiPod

2011-10-25 13:45:57 -------- d-----w- C:Program Files (x86)iTunes

2011-10-25 13:44:02 -------- d-----w- C:Program FilesBonjour

2011-10-25 13:44:02 -------- d-----w- C:Program Files (x86)Bonjour

.

==================== Find3M ====================

.

2011-10-03 11:06:03 472808 ----a-w- C:WindowsSysWow64deployJava1.dll

2011-09-01 05:24:07 2309120 ----a-w- C:WindowsSystem32jscript9.dll

2011-09-01 05:17:57 1389056 ----a-w- C:WindowsSystem32wininet.dll

2011-09-01 05:12:04 2382848 ----a-w- C:WindowsSystem32mshtml.tlb

2011-09-01 02:35:59 1798144 ----a-w- C:WindowsSysWow64jscript9.dll

2011-09-01 02:28:15 1126912 ----a-w- C:WindowsSysWow64wininet.dll

2011-09-01 02:22:54 2382848 ----a-w- C:WindowsSysWow64mshtml.tlb

2011-08-31 05:05:32 96104 ----a-w- C:WindowsSystem32dns-sd.exe

2011-08-31 05:05:32 85864 ----a-w- C:WindowsSystem32dnssd.dll

2011-08-31 05:05:32 61288 ----a-w- C:WindowsSystem32jdns_sd.dll

2011-08-31 05:05:32 212840 ----a-w- C:WindowsSystem32dnssdX.dll

2011-08-31 05:05:04 83816 ----a-w- C:WindowsSysWow64dns-sd.exe

2011-08-31 05:05:04 73064 ----a-w- C:WindowsSysWow64dnssd.dll

2011-08-31 05:05:04 50536 ----a-w- C:WindowsSysWow64jdns_sd.dll

2011-08-31 05:05:04 178536 ----a-w- C:WindowsSysWow64dnssdX.dll

2011-08-27 05:37:49 861696 ----a-w- C:WindowsSystem32oleaut32.dll

2011-08-27 05:37:48 331776 ----a-w- C:WindowsSystem32oleacc.dll

2011-08-27 04:26:27 571904 ----a-w- C:WindowsSysWow64oleaut32.dll

2011-08-27 04:26:27 233472 ----a-w- C:WindowsSysWow64oleacc.dll

2011-08-26 22:21:30 28056 ----a-w- C:WindowsSystem32xfcodec64.dll

.

============= FINISH: 10:05:51.72 ===============

 

 

 

 

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-06-23.01)

.

Microsoft Windows 7 Home Premium

Boot Device: DeviceHarddiskVolume2

Install Date: 12/13/2010 9:54:26 AM

System Uptime: 11/15/2011 10:09:20 PM (36 hours ago)

.

Motherboard: Alienware | |

Processor: Intel® Core i7 CPU Q 740 @ 1.73GHz | CPU 1 | 1730/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 451 GiB total, 225.376 GiB free.

D: is CDROM ()

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description: Photosmart D110 series

Device ID: ROOTMULTIFUNCTION0001

Manufacturer:

Name: Photosmart D110 series

PNP Device ID: ROOTMULTIFUNCTION0001

Service:

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: facap, FastAccess Video Capture

Device ID: ROOTIMAGE0000

Manufacturer: Sensible Vision

Name: facap, FastAccess Video Capture

PNP Device ID: ROOTIMAGE0000

Service: FACAP

.

==== System Restore Points ===================

.

RP189: 11/16/2011 10:15:42 PM - Windows Update

.

==== Installed Programs ======================

.

.

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Photoshop CS5

Adobe Reader 9.1.2

Advanced Combat Tracker (remove only)

Advanced Port Scanner v1.3

Advertising Center

Apple Application Support

Apple Software Update

Banctec Service Agreement

Bandwidth Monitor

Battlefield 3™

Battlelog Web Plugins

BoneTown

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Command Center

Conduit Engine

Counter-Strike: Source

CPU Speed Pro version 3

Curse Client

CyberLink YouCam

D3DX10

Diablo II

Digsby

Dropbox

Dungeon Defenders

Dungeon Siege III

Dungeons & Dragons: Daggerdale

EasyBits GO

ESET Online Scanner v3

ESN Sonar

Fallout: New Vegas

Game Booster

Google Chrome

HiJackThis

HP Update

ImagXpress

Intel® Control Center

Intel® Rapid Storage Technology

Java Auto Updater

Java 6 Update 20

Java 6 Update 29

Logitech Harmony Remote Software 7

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mumble 1.2.3

Nero 9 Essentials

Nero BurnRights

Nero BurnRights Help

Nero ControlCenter

Nero CoverDesigner

Nero CoverDesigner Help

Nero Disc Copy Gadget

Nero Disc Copy Gadget Help

Nero DiscSpeed

Nero DiscSpeed Help

Nero DriveSpeed

Nero DriveSpeed Help

Nero Express Help

Nero InfoTool

Nero InfoTool Help

Nero Installer

Nero Online Upgrade

Nero Rescue Agent

Nero RescueAgent Help

Nero StartSmart

Nero StartSmart Help

NeroExpress

neroxml

NVIDIA 3D Vision Controller Driver

NVIDIA Performance

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

NVIDIA System Monitor

Octoshape add-in for Adobe Flash Player

OpenOffice.org 3.3

Orcs Must Die!

Origin

OSD Setup

PDF Settings CS5

PKR

PowerISO

PunkBuster Services

QuickTime

Razer Naga

Remote Control USB Driver

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01

RIFT

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Sid Meier's Civilization V

Skype™ 5.3

SmartFTP Client Setup Files 4.0 (x64) (remove only)

StarCraft II

Steam

Stronghold 3

System Requirements Lab

Team Fortress 2

The Elder Scrolls V: Skyrim

The Lord of the Rings: War in the North

TurboTax 2010

TurboTax 2010 wcaiper

TurboTax 2010 WinPerFedFormset

TurboTax 2010 WinPerReleaseEngine

TurboTax 2010 WinPerTaxSupport

TurboTax 2010 wrapper

UltraEdit 15.20

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Visual Studio 2008 x64 Redistributables

VLC media player 1.1.9

Vuze

Vuze Remote Toolbar

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

11/16/2011 12:02:39 PM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

11/16/2011 1:58:02 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

11/15/2011 9:28:42 AM, Error: Microsoft-Windows-Eventlog [23] - The event logging service encountered an error (res=1500) while initializing logging resources for channel Microsoft-Windows-CodeIntegrity/Operational.

11/15/2011 9:28:40 AM, Error: Application Popup [1060] - ??C:ComboFixcatchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

11/15/2011 9:16:00 AM, Error: Service Control Manager [7034] - The HappyOSD service terminated unexpectedly. It has done this 1 time(s).

11/15/2011 6:33:59 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

11/15/2011 10:10:04 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000fe (0x0000000000000005, 0xfffffa80087f11a0, 0x0000000080863b3c, 0xfffffa800ba38258). A dump was saved in: C:WindowsMEMORY.DMP. Report Id: 111511-33212-01.

11/13/2011 9:30:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

11/13/2011 9:28:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

11/13/2011 9:27:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

11/13/2011 9:27:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

11/13/2011 9:27:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

11/13/2011 9:27:01 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:WindowsSystem32bcmihvsrv64.dll Error Code: 21

11/13/2011 9:26:59 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

11/13/2011 9:26:45 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter SCDEmu spldr Wanarpv6

11/13/2011 4:00:58 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: [email protected]

11/13/2011 2:29:55 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

11/13/2011 2:29:55 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/13/2011 10:08:19 PM, Error: Service Control Manager [7034] - The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).

11/13/2011 1:58:05 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Alienware Fusion Service service to connect.

11/13/2011 1:58:05 PM, Error: Service Control Manager [7000] - The Alienware Fusion Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/12/2011 10:54:12 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

11/12/2011 10:53:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

11/12/2011 10:53:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

11/12/2011 10:52:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx64 Avgmfx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf

11/12/2011 10:52:44 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/12/2011 10:52:44 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

11/12/2011 10:52:44 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

11/12/2011 10:52:44 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/12/2011 10:52:44 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/12/2011 10:52:44 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

11/12/2011 10:52:44 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/12/2011 10:52:44 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/12/2011 10:52:44 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/12/2011 10:52:44 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

.

==== End Of File ===========================


Hi,

 

 

You have an older version of Adobe Reader. You can download the current version HERE

 

You may want to consider Foxit Reader instead. It may be a bit lighter on resources.

 

Visit their support forum

Foxit Forum

 

In either case you should uninstall Adobe Reader 9.1.2 first. Be sure to move any PDF documents to another folder first though.

----------

 

 

Please download JavaRa to your desktop and unzip it to its own folder

  • Run JavaRa.exe (double-click for XP/right-click and Run as Administrator for Vista), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe (double-click for XP/right-click and Run as Administrator for Vista) again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

----------

 

Let me know if you have any problems with the instructions I provided and let me know how your system is running in your next reply. :)


Performance seems to be steady, no issues all day!

Great! :)

 

IT APPEARS THAT YOUR LOGS ARE NOW CLEAN :D SO LET'S DO A COUPLE OF THINGS TO WRAP THIS UP!! :D

 

This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.

--------------

 

 

The following will implement some cleanup procedures as well as reset System Restore points:

 

Click Start > Run and copy/paste the following text into the Run box as shown and click OK.

Combofix /Uninstall

(Note: There is a space between the ..X and the /U that needs to be there.)

 


----------

 

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

 

Here are some tips to reduce the potential for spyware infection in the future:

 

1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

  • From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
  • Next press the Apply button and then the OK to exit the Internet Properties page.
2. Enable Protected Mode in Internet Explorer. This helps Windows Vista users stay more protected from attack by running Internet Explorer with restricted privileges as well as reducing the ability to write, alter or destroy data on your system or install malicious code. To make sure this is running follow these steps:
  • Open Internet Explorer
  • Click on Tools > Internet Options
  • Press Security tab
  • Select Internet zone then place check next to Enable Protected Mode if not already done
  • Do the same for Local Intranet, Trusted Sites and Restricted Sites and then press Apply
  • Restart Internet Explorer and in the bottom right corner of your screen you will see Protected Mode: On showing you it is enabled.
3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

 

4. Firewall

Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here. There are firewalls listed in this tutorial that could be downloaded and used but I would personally only recommend using one of the following two below:

Online Armor Free

Agnitum Outpost Firewall Free

 

5. Make sure you keep your Windows OS current. Windows XP users can visit Windows update regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

 

6. Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002

Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

 

7. WOT (Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

 

8. Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place?

 

Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.

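A check that goes with tip 6 in the post above, added here as an example and not part of the original post: a blocking hosts file should only map names to a loopback or null address, so any entry that points a name at a routable address deserves a look. The function names, the `example.*` host names and the address 203.0.113.10 (a documentation-only range) are assumptions made for illustration.

```python
"""Audit a hosts file: entries in a blocking hosts file should resolve to a
loopback or null address; a name mapped anywhere else is being redirected."""
import ipaddress
from collections import namedtuple

# One audit result: 1-based line number, finding type, human-readable detail.
Finding = namedtuple("Finding", "lineno kind detail")

# Constructed sample, not the hosts file from the thread.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1 localhost
::1 localhost #[IPv6]
127.0.0.1 banner.example.net
0.0.0.0 ads.example.net tracker.example.net
203.0.113.10 update.example.com   # resolves to a real host
not-an-address bank.example.org
127.0.0.1
"""


def parse_hosts(text):
    """Yield (lineno, address_or_None, fields) for every non-comment line.

    address is an ipaddress object, or None when the first field is not a
    valid IPv4/IPv6 literal. fields holds the remaining tokens (host names),
    or the whole token list when the address could not be parsed.
    """
    # Hosts files saved by some editors start with a UTF-8 BOM.
    for lineno, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            yield lineno, None, fields
            continue
        yield lineno, addr, [name.lower() for name in fields[1:]]


def is_sink(addr):
    """True for addresses that go nowhere: 127.0.0.0/8, ::1, 0.0.0.0, ::."""
    return addr.is_loopback or addr.is_unspecified


def audit_hosts(text):
    """Return a list of Finding tuples for entries that are not plain blocks."""
    findings = []
    for lineno, addr, fields in parse_hosts(text):
        if addr is None:
            findings.append(Finding(lineno, "malformed", " ".join(fields)))
        elif not fields:
            # An address with no host name after it does nothing.
            findings.append(Finding(lineno, "malformed", str(addr)))
        elif not is_sink(addr):
            for name in fields:
                findings.append(Finding(lineno, "redirect", f"{name} -> {addr}"))
    return findings


if __name__ == "__main__":
    for f in audit_hosts(SAMPLE_HOSTS):
        print(f"line {f.lineno}: {f.kind}: {f.detail}")
```

On Windows the file to feed in is `%SystemRoot%\System32\drivers\etc\hosts`; read it as text and pass the contents to `audit_hosts`.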

Well my performance seems to be struggling again. I have hardly used the computer, but it has been turned on most of the time.

 

I never really use IE, only Chrome. I followed the other steps, installing the new hosts file and the addon for chrome.

 

Should I run any more scans to see if something is persisting? Let me know what you think!


Hi Joe,

 

 

Please do the following:

 

Hold down the Windows key and press R to open a run box

type the following text into the run box

 

appwiz.cpl

 

This will open your Programs And Features. A list of installed programs will populate

 

Remove the following programs:

 

Vuze

Vuze Remote Toolbar

 

----------

  • First, check how much free disk space is available on the system volume in Windows Explorer.
  • Open Control Panel / System / Advanced System Settings.
  • Select the System Protection Tab.
  • In the Protection Settings box, select the System Drive (Usually C:).
  • Click the Configure Button.
  • In the Disk Space Usage section, use the slider to increase the amount of disk space allocated to System Restore.
  • Apply/OK.
  • You can also use the Disk Cleanup tool to remove all but the latest System Restore Points. This will likely give you back a large amount of free disk space.
  • Go to Start/All Programs/Accessories/System Tools/Disk Cleanup. Select to clean up the files for All Users.
  • You will have the option of selecting which files to remove.
  • Select the Clean Up System Files button. This will show a new Tab called More Options. Click this tab and in the System Restore and Shadow Copies section, click the Cleanup Button. This will delete all but the most recent System Restore Point.

Let me know how that works for you. :)

Well I have over 200GB free on my C: drive, but I did the steps you have posted. All of this was accomplished before I came to these forums, but taking these steps as you posted does not seem to have made any change.

 

Would this imply there may be a hardware issue? It seems odd that it consistently had issues until I started following your instructions, and then I started to see improvements, although only temporarily.


Hi Joe,

 

We can take a look with another tool. See if there is any other malware possible.

 

  • Download OTL to your desktop.
  • Right-click and Run as Administrator on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.

    Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.

  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.


OTL logfile created on: 11/18/2011 2:59:36 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:UsersJoe GregoryDesktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

5.99 Gb Total Physical Memory | 3.04 Gb Available Physical Memory | 50.80% Memory free

11.98 Gb Paging File | 8.77 Gb Available in Paging File | 73.25% Paging File free

Paging file location(s): ?:pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)

Drive C: | 451.07 Gb Total Space | 205.53 Gb Free Space | 45.57% Space Free | Partition Type: NTFS

Drive E: | 2.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: JOE-ALIENWARE | User Name: Joe Gregory | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:UsersJoe GregoryDesktopOTL.exe (OldTimer Tools)

PRC - C:WindowsSysWOW64PnkBstrA.exe ()

PRC - C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe (NVIDIA Corporation)

PRC - C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:Program Files (x86)VuzeAzureus.exe (Vuze Inc.)

PRC - C:Program Files (x86)IObitGame Boostergbtray.exe (IObit)

PRC - C:Program Files (x86)Windows Media Playerwmplayer.exe (Microsoft Corporation)

PRC - C:Program Files (x86)Common FilesIntuitUpdate ServiceIntuitUpdateService.exe (Intuit Inc.)

PRC - C:Program FilesAlienwareCommand CenterAlienFusionController.exe ()

PRC - C:Program FilesAlienwareCommand CenterAlienSenseFATrayMon.exe (Sensible Vision )

PRC - C:Program FilesAlienwareCommand CenterAlienSenseFATrayAlert.exe (Sensible Vision )

PRC - C:Program FilesAlienwareCommand CenterAlienSenseFAService.exe (Sensible Vision )

PRC - C:Program Files (x86)OSDOSD_Main.exe (Microsoft)

PRC - C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe (Intel Corporation)

PRC - C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe (Intel Corporation)

PRC - C:Program Files (x86)Common FilesNeroNero BackItUp 4NBService.exe (Nero AG)

PRC - C:Program Files (x86)POWERISOPWRISOVM.EXE (PowerISO Computing, Inc.)

PRC - C:Program Files (x86)2K GamesDungeon Siege 2 Broken WorldDungeonSiege2.exe (Gas Powered Games)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:UsersJoe GregoryAppDataRoamingAzureuspluginsazutpwin32utp.dll ()

MOD - C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120ppgooglenaclpluginchrome.dll ()

MOD - C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120pdf.dll ()

MOD - C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120avutil-51.dll ()

MOD - C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120avformat-53.dll ()

MOD - C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120avcodec-53.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Management1049a76b3de293df726d380932215c91System.Management.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Runtime.Remo#b2622080e047040fa044dd21a04ff10dSystem.Runtime.Remoting.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32WindowsBased7a64c28cf0c90e6c48af4f7d6f9ed41WindowsBase.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32IAStorUtil3c8f9ba115087754b5b1d8394fc818baIAStorUtil.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Windows.Forms6e592e424a204aafeadbe22b6b31b9dbSystem.Windows.Forms.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Drawing3b2cfd85528a27eb71dc41d8067359a1System.Drawing.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Xml130ad4d9719e566ca933ac7158a04203System.Xml.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Configuration2d5bcbeb9475ef62189f605bcca1cec6System.Configuration.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32Systemabab08afa60a6f06bdde0fcc9649c379System.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32mscorliba1a82db68b3badc7c27ea1f6579d22c5mscorlib.ni.dll ()

MOD - C:WindowsSysWOW64MacromedFlashNPSWF32.dll ()

MOD - C:Program Files (x86)Vuzepluginsazitunesjacob-1.14.3-x86.dll ()

MOD - C:Program Files (x86)VuzepluginsazituneslibProcessAccess.dll ()

MOD - C:Program Files (x86)Vuzeaereg.dll ()

MOD - C:Program Files (x86)IObitGame Boostermadexcept_.bpl ()

MOD - C:Program Files (x86)IObitGame Boostersqlite3.dll ()

MOD - C:WindowsassemblyGAC_MSILAlienLabsTools1.0.92.0__bebb3c8816410241AlienLabsTools.dll ()

MOD - C:WindowsassemblyGAC_MSILAlienlabs.CommandCenter.Tools1.0.92.0__bebb3c8816410241Alienlabs.CommandCenter.Tools.dll ()

MOD - C:Program FilesAlienwareCommand CenterAlienFusionDomain.dll ()

MOD - C:Program FilesAlienwareCommand CenterAlienFusionController.exe ()

MOD - C:WindowsSysWOW64FAIEExtension.dll ()

MOD - C:WindowsSysWOW64FAib.dll ()

MOD - C:WindowsSysWOW64FACrashRpt.dll ()

MOD - C:Program Files (x86)IObitGame Boostermadbasic_.bpl ()

MOD - C:Program Files (x86)IObitGame BoostermaddisAsm_.bpl ()

MOD - C:Program Files (x86)2K GamesDungeon Siege 2 Broken Worldsystemmss32.dll ()

MOD - C:Program Files (x86)2K GamesDungeon Siege 2 Broken Worldsystembinkw32.dll ()

MOD - C:Program Files (x86)2K GamesDungeon Siege 2 Broken Worldsystemmssmssmp3.asi ()

MOD - C:Program Files (x86)2K GamesDungeon Siege 2 Broken WorldsystemmssMsseax.m3d ()

MOD - C:Program Files (x86)2K GamesDungeon Siege 2 Broken Worldsystemmssmssdsp.flt ()

MOD - C:Program Files (x86)2K GamesDungeon Siege 2 Broken Worldsystemmssmsssoft.m3d ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (NisSrv) -- c:Program FilesMicrosoft Security ClientAntimalwareNisSrv.exe (Microsoft Corporation)

SRV:64bit: - (MsMpSvc) -- c:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe (Microsoft Corporation)

SRV:64bit: - (AlienFusionService) -- C:Program FilesAlienwareCommand CenterAlienFusionService.exe (Alienware)

SRV:64bit: - (FAService) -- C:Program FilesAlienwareCommand CenterAlienSenseFAService.exe (Sensible Vision )

SRV:64bit: - (wltrysvc) -- C:Program FilesDellDW WLAN CardWLTRYSVC.EXE (Dell Inc.)

SRV:64bit: - (STacSV) -- C:WindowsSysNativeDriverStoreFileRepositorystwrt64.inf_amd64_neutral_056607ee0106e5e8stacsv64.exe (IDT, Inc.)

SRV:64bit: - (btwdins) -- c:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe (Broadcom Corporation.)

SRV:64bit: - (WinDefend) -- C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)

SRV:64bit: - (AESTFilters) -- C:WindowsSysNativeDriverStoreFileRepositorystwrt64.inf_amd64_neutral_056607ee0106e5e8AESTSr64.exe (Andrea Electronics Corporation)

SRV - (Steam Client Service) -- C:Program Files (x86)Common FilesSteamSteamService.exe (Valve Corporation)

SRV - (PnkBstrA) -- C:WindowsSysWOW64PnkBstrA.exe ()

SRV - (nvUpdatusService) -- C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe (NVIDIA Corporation)

SRV - (Stereo Service) -- C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (IntuitUpdateService) -- C:Program Files (x86)Common FilesIntuitUpdate ServiceIntuitUpdateService.exe (Intuit Inc.)

SRV - (nTuneService) -- C:Program Files (x86)NVIDIA CorporationnTunenTuneService.exe (NVIDIA)

SRV - (clr_optimization_v4.0.30319_32) -- C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe (Microsoft Corporation)

SRV - (IAStorDataMgrSvc) Intel® -- C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe (Intel Corporation)

SRV - (SwitchBoard) -- C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe (Adobe Systems Incorporated)

SRV - (HappyOSD) -- C:Program Files (x86)OSDOSD_Service.exe ()

SRV - (Nero BackItUp Scheduler 4.0) -- C:Program Files (x86)Common FilesNeroNero BackItUp 4NBService.exe (Nero AG)

SRV - (clr_optimization_v2.0.50727_32) -- C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (NVHDA) -- C:WindowsSysNativedriversnvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (USBAAPL64) -- C:WindowsSysNativedriversusbaapl64.sys (Apple, Inc.)

DRV:64bit: - (NisDrv) -- C:WindowsSysNativedriversNisDrvWFP.sys (Microsoft Corporation)

DRV:64bit: - (amdsata) -- C:WindowsSysNativedriversamdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:WindowsSysNativedriversamdxata.sys (Advanced Micro Devices)

DRV:64bit: - (RzSynapse) -- C:WindowsSysNativedriversRzSynapse.sys (Razer USA Ltd)

DRV:64bit: - (HpSAMD) -- C:WindowsSysNativedriversHpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbFlt) -- C:WindowsSysNativedriversTsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (sdbus) -- C:WindowsSysNativedriverssdbus.sys (Microsoft Corporation)

DRV:64bit: - (S3XXx64) -- C:WindowsSysNativedriversS3XXx64.sys (SCM Microsystems Inc.)

DRV:64bit: - (Point64) -- C:WindowsSysNativedriverspoint64.sys (Microsoft Corporation)

DRV:64bit: - (itecir) -- C:WindowsSysNativedriversitecir.sys (ITE Tech. Inc. )

DRV:64bit: - (BCM43XX) -- C:WindowsSysNativedriversBCMWL664.SYS (Broadcom Corporation)

DRV:64bit: - (btusbflt) -- C:WindowsSysNativedriversbtusbflt.sys (Broadcom Corporation.)

DRV:64bit: - (ivusb) -- C:WindowsSysNativedriversivusb.sys (Initio Corporation)

DRV:64bit: - (iaStor) -- C:WindowsSysNativedriversiaStor.sys (Intel Corporation)

DRV:64bit: - (BCM42RLY) -- C:WindowsSysNativedriversbcm42rly.sys (Broadcom Corporation)

DRV:64bit: - (e1kexpress) Intel® -- C:WindowsSysNativedriverse1k62x64.sys (Intel Corporation)

DRV:64bit: - (Acceler) -- C:WindowsSysNativedriversAcceler.sys (ST Microelectronics)

DRV:64bit: - (LGVirHid) -- C:WindowsSysNativedriversLGVirHid.sys (Logitech Inc.)

DRV:64bit: - (LGBusEnum) -- C:WindowsSysNativedriversLGBusEnum.sys (Logitech Inc.)

DRV:64bit: - (SynTP) -- C:WindowsSysNativedriversSynTP.sys (Synaptics Incorporated)

DRV:64bit: - (iSSetup) -- C:WindowsSysNativedriversiSSetup.sys (Intel Corporation)

DRV:64bit: - (STHDA) -- C:WindowsSysNativedriversstwrt64.sys (IDT, Inc.)

DRV:64bit: - (netr28ux) -- C:WindowsSysNativedriversnetr28ux.sys (Ralink Technology Corp.)

DRV:64bit: - (ioatdma2) Intel® -- C:WindowsSysNativedriversqd262x64.sys (Intel Corporation)

DRV:64bit: - (ioatdma1) -- C:WindowsSysNativedriversqd162x64.sys (Intel Corporation)

DRV:64bit: - (ioatdma) Intel® -- C:WindowsSysNativedriversioatdma.sys (Intel Corporation)

DRV:64bit: - (amdsbs) -- C:WindowsSysNativedriversamdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:WindowsSysNativedriverslsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:WindowsSysNativedriversstexstor.sys (Promise Technology)

DRV:64bit: - (StillCam) -- C:WindowsSysNativedriversserscan.sys (Microsoft Corporation)

DRV:64bit: - (btwaudio) -- C:WindowsSysNativedriversbtwaudio.sys (Broadcom Corporation.)

DRV:64bit: - (btwavdt) -- C:WindowsSysNativedriversbtwavdt.sys (Broadcom Corporation.)

DRV:64bit: - (btwrchid) -- C:WindowsSysNativedriversbtwrchid.sys (Broadcom Corporation.)

DRV:64bit: - (ebdrv) -- C:WindowsSysNativedriversevbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:WindowsSysNativedriversbxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:WindowsSysNativedriversb57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:WindowsSysNativedrivershcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:WindowsSysNativedriversGEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (btwl2cap) -- C:WindowsSysNativedriversbtwl2cap.sys (Broadcom Corporation.)

DRV:64bit: - (SCDEmu) -- C:WindowsSysNativedriversscdemu.sys (PowerISO Computing, Inc.)

DRV:64bit: - (rimmptsk) -- C:WindowsSysNativedriversrimmpx64.sys (REDC)

DRV:64bit: - (FACAP) -- C:WindowsSysNativedriversfacap.sys (Sensible Vision )

DRV:64bit: - (rimsptsk) -- C:WindowsSysNativedriversrimspx64.sys (REDC)

DRV:64bit: - (rismxdp) -- C:WindowsSysNativedriversrixdpx64.sys (REDC)

DRV:64bit: - (IAMTVE) Driver for Intel® -- C:WindowsSysNativedriversIAMTVE.sys (Intel Corporation)

DRV:64bit: - (IAMTXPE) Driver for Intel® -- C:WindowsSysNativedriversIAMTXPE.sys (Intel Corporation)

DRV:64bit: - (RemoteControl-USBLAN) -- C:WindowsSysNativedriversrcblan.sys (Belcarra Technologies)

DRV:64bit: - (WimFltr) -- C:WindowsSysNativedriversWimFltr.sys (Microsoft Corporation)

DRV - (WIMMount) -- C:WindowsSysWOW64driverswimmount.sys (Microsoft Corporation)

DRV - (WinRing0_1_2_0) -- C:Program Files (x86)OSDWinRing0x64.sys (OpenLibSys.org)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm

IE - HKLM..URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found

 

IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Secondary_Page_URL = http://support.alienware.com [binary data]

IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank

IE - HKCU..URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll (Yahoo! Inc.)

IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyOverride" = *.local

 

FF:64bit: - [email protected]/JavaPlugin: C:Program FilesJavajre7binnew_pluginnpjp2.dll (Oracle Corporation)

FF:64bit: - [email protected]/GENUINE: disabled File not found

FF - [email protected]/FlashPlayer: C:WindowsSysWOW64MacromedFlashNPSWF32.dll ()

FF - [email protected]/iTunes,version=: File not found

FF - [email protected]/iTunes,version=1.0: C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll ()

FF - [email protected]/esnsonar,version=0.70.3: C:Program Files (x86)Battlelog Web PluginsSonar0.70.3npesnsonar.dll (ESN Social Software AB)

FF - [email protected]/esnlaunch,version=1.96.0: C:Program Files (x86)Battlelog Web Plugins1.96.0npesnlaunch.dll (ESN Social Software AB)

FF - [email protected]/JavaPlugin: C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll (Sun Microsystems, Inc.)

FF - [email protected]/GENUINE: disabled File not found

FF - [email protected]/NpCtrl,version=1.0: c:Program Files (x86)Microsoft Silverlight4.0.60831.0npctrl.dll ( Microsoft Corporation)

FF - [email protected]/WLPG,version=15.4.3502.0922: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)

FF - [email protected]/WLPG,version=15.4.3508.1109: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)

FF - [email protected]/3DVision: C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll (NVIDIA Corporation)

FF - [email protected]/3DVisionStreaming: C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll (NVIDIA Corporation)

FF - [email protected]/Google Update;version=3: C:UsersJoe GregoryAppDataLocalGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.)

FF - [email protected]/Google Update;version=9: C:UsersJoe GregoryAppDataLocalGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.)

 

 

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Disabled) = C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120gcswf32.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:Program Files (x86)Javajre6binnew_pluginnpdeployJava1.dll

CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:Program Files (x86)Microsoft Silverlight4.0.60531.0npctrl.dll

CHR - plugin: Chrome NaCl (Enabled) = C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120pdf.dll

CHR - plugin: AVG Internet Security (Enabled) = C:UsersJoe GregoryAppDataLocalGoogleChromeUser DataDefaultExtensionsjmfkcklnlgedgbglfkkgedjfmejoahla10.0.0.1390_0plugins/avgnpss.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:Program Files (x86)AdobeReader 9.0ReaderBrowsernppdf32.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll

CHR - plugin: Windows Live Photo Gallery (Enabled) = C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll

CHR - plugin: Google Update (Enabled) = C:UsersJoe GregoryAppDataLocalGoogleUpdate1.3.21.57npGoogleUpdate3.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: WOT = C:UsersJoe GregoryAppDataLocalGoogleChromeUser DataDefaultExtensionsbhmmomiinigofkjcapegjjndpbikblnp1.2.5_0

CHR - Extension: Zeppelin = C:UsersJoe GregoryAppDataLocalGoogleChromeUser DataDefaultExtensionsgonpmjifhghfjnbijodbhjmpaogaipap1.0_0

 

O1 HOSTS File: ([2011/10/13 13:37:30 | 000,612,606 | ---- | M]) - C:WindowsSysNativedriversetcHOSTS

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost #[iPv6]

O1 - Hosts: 16290 more lines...

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre7binjp2ssv.dll (Oracle Corporation)

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll (Yahoo! Inc.)

O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:Program FilesAlienwareCommand CenterAlienSenseFAIESSO.dll (Sensible Vision )

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:Program Files (x86)Yahoo!CompanionInstallscpnYTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM..Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll (Yahoo! Inc.)

O3 - HKLM..Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..Run: [broadcom Wireless Manager UI] C:Program FilesDellDW WLAN CardWLTRAY.EXE (Dell Inc.)

O4:64bit: - HKLM..Run: [intelliPoint] c:Program FilesMicrosoft IntelliPointipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..Run: [MSC] c:Program FilesMicrosoft Security Clientmsseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..Run: [NVHotkey] C:WindowsSysNativenvHotkey.dll (NVIDIA Corporation)

O4:64bit: - HKLM..Run: [sysTrayApp] C:Program FilesIDTWDMsttray64.exe (IDT, Inc.)

O4 - HKLM..Run: [FAStartup] File not found

O4 - HKLM..Run: [FATrayAlert] C:Program FilesAlienwareCommand CenterAlienSenseFATrayMon.exe (Sensible Vision )

O4 - HKLM..Run: [iAStorIcon] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe (Intel Corporation)

O4 - HKLM..Run: [OSD_LAUNCH] c:Program Files (x86)OSDLaunch.exe (HH)

O4 - HKLM..Run: [PWRISOVM.EXE] C:Program Files (x86)POWERISOPWRISOVM.EXE (PowerISO Computing, Inc.)

O4 - HKCU..Run: [Azureus] C:Program Files (x86)VuzeAzureus.exe (Vuze Inc.)

O4 - HKCU..Run: [steam] C:Program Files (x86)Steamsteam.exe (Valve Corporation)

O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 5

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3

O7 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present

O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0

O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O8 - Extra context menu item: Send image to &Bluetooth Device... - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send page to &Bluetooth Device... - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9:64bit: - Extra Button: @c:Program FilesWIDCOMMBluetooth Softwarebtrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @c:Program FilesWIDCOMMBluetooth Softwarebtrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5Catalog_Entries64000000000010 [] - C:Program FilesBonjourmdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5Catalog_Entries000000000010 [] - C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)

O15 - HKCU..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKCU..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKCU..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)

O15 - HKCU..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKCU..Trusted Domains: sony.com ([]* in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13FE863B-B116-42FB-A2B1-748C35E9E8B2}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2CC954AF-5EC3-4C88-9C11-CA990A296B21}: DhcpNameServer = 12.127.16.67 69.60.160.196

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3F200F6-E432-4BDC-94CC-47AEDE094030}: DhcpNameServer = 10.0.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found

O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll) - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll ()

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/08/18 07:25:09 | 000,000,192 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM..comfile [open] -- "%1" %*

O35:64bit: - HKLM..exefile [open] -- "%1" %*

O35 - HKLM..comfile [open] -- "%1" %*

O35 - HKLM..exefile [open] -- "%1" %*

O37:64bit: - HKLM...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM...exe [@ = exefile] -- "%1" %*

O37 - HKLM...com [@ = ComFile] -- "%1" %*

O37 - HKLM...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

Run OTL.exe

  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

     

    :Services
    
    :OTL
    IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [FAStartup] File not found
    O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [2011/01/13 18:31:36 | 000,000,600 | ---- | C] () -- C:\Users\Joe Gregory\AppData\Local\PUTTY.RND
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [purity]
    [clearallrestorepoints]
    [resethosts]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered. There will be a log created when it completes that I will need in your next reply. Reboot when it is done.
  • Then run a new scan and post a new OTL log (don't check the boxes beside LOP Check or Purity this time)


All processes killed

========== SERVICES/DRIVERS ==========

========== OTL ==========

Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerURLSearchHooks{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{ba14329e-9550-4989-b3f2-9732e92d17cc} not found.

Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbarLocked deleted successfully.

Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunFAStartup deleted successfully.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsclonewarsadventures.com deleted successfully.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsfreerealms.com deleted successfully.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsintuit.comttlc deleted successfully.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssoe.com deleted successfully.

Registry key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssony.com deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandlerlivecall deleted successfully.

File ProtocolHandlerlivecall - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandlermsnim deleted successfully.

File ProtocolHandlermsnim - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandlerwlpg deleted successfully.

File ProtocolHandlerwlpg - No CLSID value found not found.

64bit-Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonVMApplet:/pagefile deleted successfully.

Registry value HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonVMApplet:/pagefile deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyScCertProp deleted successfully.

C:Windowsmsdownld.tmp folder deleted successfully.

C:UsersJoe GregoryAppDataLocalPUTTY.RND moved successfully.

========== FILES ==========

< ipconfig /flushdns /c >

Windows IP Configuration

Could not flush the DNS Resolver Cache: Function failed during execution.

C:UsersJoe GregoryDesktopcmd.bat deleted successfully.

C:UsersJoe GregoryDesktopcmd.txt deleted successfully.

========== COMMANDS ==========

Restore point Set: OTL Restore Point

C:WindowsSystem32driversetcHosts moved successfully.

HOSTS file reset successfully

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Gaming

->Temp folder emptied: 0 bytes

 

User: Joe Gregory

->Temp folder emptied: 4876187 bytes

->Temporary Internet Files folder emptied: 157775595 bytes

->Java cache emptied: 794308 bytes

->Google Chrome cache emptied: 177367475 bytes

->Flash cache emptied: 1216100 bytes

 

User: Public

->Temp folder emptied: 0 bytes

 

User: Test

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 1166750 bytes

->Google Chrome cache emptied: 74988972 bytes

->Flash cache emptied: 4438 bytes

 

User: UpdatusUser

->Temp folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%System32 .tmp files removed: 0 bytes

%systemroot%System32 (64bit) .tmp files removed: 0 bytes

%systemroot%System32drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 19986 bytes

%systemroot%sysnativeconfigsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet Files folder emptied: 50333 bytes

RecycleBin emptied: 13570268910 bytes

 

Total Files Cleaned = 13,341.00 mb

 

 

OTL by OldTimer - Version 3.2.31.0 log created on 11182011_195045

 

FilesFolders moved on Reboot...

C:UsersJoe GregoryAppDataLocalTempFXSAPIDebugLogFile.txt moved successfully.

C:Windowstemp~DFD9610D16B6ADBCC8.TMP moved successfully.

 

Registry entries deleted on Reboot...

 

 

 

 

 

 

 

OTL logfile created on: 11/18/2011 8:00:22 PM - Run 2

OTL by OldTimer - Version 3.2.31.0 Folder = C:UsersJoe GregoryDesktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

5.99 Gb Total Physical Memory | 3.77 Gb Available Physical Memory | 63.03% Memory free

11.98 Gb Paging File | 9.55 Gb Available in Paging File | 79.73% Paging File free

Paging file location(s): ?:pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)

Drive C: | 451.07 Gb Total Space | 217.78 Gb Free Space | 48.28% Space Free | Partition Type: NTFS

 

Computer Name: JOE-ALIENWARE | User Name: Joe Gregory | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:UsersJoe GregoryDesktopOTL.exe (OldTimer Tools)

PRC - C:Program Files (x86)Common FilesSteamSteamService.exe (Valve Corporation)

PRC - C:Program Files (x86)SteamSteam.exe (Valve Corporation)

PRC - C:WindowsSysWOW64PnkBstrA.exe ()

PRC - C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe (NVIDIA Corporation)

PRC - C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:Program Files (x86)VuzeAzureus.exe (Vuze Inc.)

PRC - C:Program Files (x86)IObitGame Boostergbtray.exe (IObit)

PRC - C:Program Files (x86)Windows Media Playerwmplayer.exe (Microsoft Corporation)

PRC - C:Program Files (x86)Common FilesIntuitUpdate ServiceIntuitUpdateService.exe (Intuit Inc.)

PRC - C:Program FilesAlienwareCommand CenterAlienFusionController.exe ()

PRC - C:Program FilesAlienwareCommand CenterAlienSenseFATrayMon.exe (Sensible Vision )

PRC - C:Program FilesAlienwareCommand CenterAlienSenseFATrayAlert.exe (Sensible Vision )

PRC - C:Program FilesAlienwareCommand CenterAlienSenseFAService.exe (Sensible Vision )

PRC - C:Program Files (x86)OSDOSD_Main.exe (Microsoft)

PRC - C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe (Intel Corporation)

PRC - C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe (Intel Corporation)

PRC - C:Program Files (x86)OSDOSD_Service.exe ()

PRC - C:Program Files (x86)Common FilesNeroNero BackItUp 4NBService.exe (Nero AG)

PRC - C:Program Files (x86)POWERISOPWRISOVM.EXE (PowerISO Computing, Inc.)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:UsersJoe GregoryAppDataRoamingAzureuspluginsazutpwin32utp.dll ()

MOD - C:Program Files (x86)Steambinlibcef.dll ()

MOD - C:Program Files (x86)Steambinavcodec-52.dll ()

MOD - C:Program Files (x86)Steambinchromehtml.dll ()

MOD - C:Program Files (x86)Steambinavformat-52.dll ()

MOD - C:Program Files (x86)Steambinavutil-50.dll ()

MOD - C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120ppgooglenaclpluginchrome.dll ()

MOD - C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120pdf.dll ()

MOD - C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120avutil-51.dll ()

MOD - C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120avformat-53.dll ()

MOD - C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120avcodec-53.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Management1049a76b3de293df726d380932215c91System.Management.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Web8e7909ef6b5f953d49244c6b9f5f5100System.Web.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Runtime.Remo#b2622080e047040fa044dd21a04ff10dSystem.Runtime.Remoting.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32WindowsBased7a64c28cf0c90e6c48af4f7d6f9ed41WindowsBase.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32IAStorUtil3c8f9ba115087754b5b1d8394fc818baIAStorUtil.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Windows.Forms6e592e424a204aafeadbe22b6b31b9dbSystem.Windows.Forms.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Drawing3b2cfd85528a27eb71dc41d8067359a1System.Drawing.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Xml130ad4d9719e566ca933ac7158a04203System.Xml.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32System.Configuration2d5bcbeb9475ef62189f605bcca1cec6System.Configuration.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32Systemabab08afa60a6f06bdde0fcc9649c379System.ni.dll ()

MOD - C:WindowsassemblyNativeImages_v2.0.50727_32mscorliba1a82db68b3badc7c27ea1f6579d22c5mscorlib.ni.dll ()

MOD - C:WindowsSysWOW64MacromedFlashNPSWF32.dll ()

MOD - C:Program Files (x86)Vuzepluginsazitunesjacob-1.14.3-x86.dll ()

MOD - C:Program Files (x86)VuzepluginsazituneslibProcessAccess.dll ()

MOD - C:Program Files (x86)Vuzeaereg.dll ()

MOD - C:Program Files (x86)IObitGame Boostermadexcept_.bpl ()

MOD - C:Program Files (x86)IObitGame Boostersqlite3.dll ()

MOD - C:WindowsassemblyGAC_MSILAlienLabsTools1.0.92.0__bebb3c8816410241AlienLabsTools.dll ()

MOD - C:WindowsassemblyGAC_MSILAlienlabs.CommandCenter.Tools1.0.92.0__bebb3c8816410241Alienlabs.CommandCenter.Tools.dll ()

MOD - C:Program FilesAlienwareCommand CenterAlienFusionDomain.dll ()

MOD - C:Program FilesAlienwareCommand CenterAlienFusionController.exe ()

MOD - C:WindowsSysWOW64FAIEExtension.dll ()

MOD - C:WindowsSysWOW64FAib.dll ()

MOD - C:WindowsSysWOW64FACrashRpt.dll ()

MOD - C:Program Files (x86)IObitGame Boostermadbasic_.bpl ()

MOD - C:Program Files (x86)IObitGame BoostermaddisAsm_.bpl ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (NisSrv) -- c:Program FilesMicrosoft Security ClientAntimalwareNisSrv.exe (Microsoft Corporation)

SRV:64bit: - (MsMpSvc) -- c:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe (Microsoft Corporation)

SRV:64bit: - (AlienFusionService) -- C:Program FilesAlienwareCommand CenterAlienFusionService.exe (Alienware)

SRV:64bit: - (FAService) -- C:Program FilesAlienwareCommand CenterAlienSenseFAService.exe (Sensible Vision )

SRV:64bit: - (wltrysvc) -- C:Program FilesDellDW WLAN CardWLTRYSVC.EXE (Dell Inc.)

SRV:64bit: - (STacSV) -- C:WindowsSysNativeDriverStoreFileRepositorystwrt64.inf_amd64_neutral_056607ee0106e5e8stacsv64.exe (IDT, Inc.)

SRV:64bit: - (btwdins) -- c:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe (Broadcom Corporation.)

SRV:64bit: - (WinDefend) -- C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)

SRV:64bit: - (AESTFilters) -- C:WindowsSysNativeDriverStoreFileRepositorystwrt64.inf_amd64_neutral_056607ee0106e5e8AESTSr64.exe (Andrea Electronics Corporation)

SRV - (Steam Client Service) -- C:Program Files (x86)Common FilesSteamSteamService.exe (Valve Corporation)

SRV - (PnkBstrA) -- C:WindowsSysWOW64PnkBstrA.exe ()

SRV - (nvUpdatusService) -- C:Program Files (x86)NVIDIA CorporationNVIDIA Updatusdaemonu.exe (NVIDIA Corporation)

SRV - (Stereo Service) -- C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (IntuitUpdateService) -- C:Program Files (x86)Common FilesIntuitUpdate ServiceIntuitUpdateService.exe (Intuit Inc.)

SRV - (nTuneService) -- C:Program Files (x86)NVIDIA CorporationnTunenTuneService.exe (NVIDIA)

SRV - (clr_optimization_v4.0.30319_32) -- C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe (Microsoft Corporation)

SRV - (IAStorDataMgrSvc) Intel® -- C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe (Intel Corporation)

SRV - (SwitchBoard) -- C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe (Adobe Systems Incorporated)

SRV - (HappyOSD) -- C:Program Files (x86)OSDOSD_Service.exe ()

SRV - (Nero BackItUp Scheduler 4.0) -- C:Program Files (x86)Common FilesNeroNero BackItUp 4NBService.exe (Nero AG)

SRV - (clr_optimization_v2.0.50727_32) -- C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (NVHDA) -- C:WindowsSysNativedriversnvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (USBAAPL64) -- C:WindowsSysNativedriversusbaapl64.sys (Apple, Inc.)

DRV:64bit: - (NisDrv) -- C:WindowsSysNativedriversNisDrvWFP.sys (Microsoft Corporation)

DRV:64bit: - (amdsata) -- C:WindowsSysNativedriversamdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:WindowsSysNativedriversamdxata.sys (Advanced Micro Devices)

DRV:64bit: - (RzSynapse) -- C:WindowsSysNativedriversRzSynapse.sys (Razer USA Ltd)

DRV:64bit: - (HpSAMD) -- C:WindowsSysNativedriversHpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbFlt) -- C:WindowsSysNativedriversTsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (sdbus) -- C:WindowsSysNativedriverssdbus.sys (Microsoft Corporation)

DRV:64bit: - (S3XXx64) -- C:WindowsSysNativedriversS3XXx64.sys (SCM Microsystems Inc.)

DRV:64bit: - (Point64) -- C:WindowsSysNativedriverspoint64.sys (Microsoft Corporation)

DRV:64bit: - (itecir) -- C:WindowsSysNativedriversitecir.sys (ITE Tech. Inc. )

DRV:64bit: - (BCM43XX) -- C:WindowsSysNativedriversBCMWL664.SYS (Broadcom Corporation)

DRV:64bit: - (btusbflt) -- C:WindowsSysNativedriversbtusbflt.sys (Broadcom Corporation.)

DRV:64bit: - (ivusb) -- C:WindowsSysNativedriversivusb.sys (Initio Corporation)

DRV:64bit: - (iaStor) -- C:WindowsSysNativedriversiaStor.sys (Intel Corporation)

DRV:64bit: - (BCM42RLY) -- C:WindowsSysNativedriversbcm42rly.sys (Broadcom Corporation)

DRV:64bit: - (e1kexpress) Intel® -- C:WindowsSysNativedriverse1k62x64.sys (Intel Corporation)

DRV:64bit: - (Acceler) -- C:WindowsSysNativedriversAcceler.sys (ST Microelectronics)

DRV:64bit: - (LGVirHid) -- C:WindowsSysNativedriversLGVirHid.sys (Logitech Inc.)

DRV:64bit: - (LGBusEnum) -- C:WindowsSysNativedriversLGBusEnum.sys (Logitech Inc.)

DRV:64bit: - (SynTP) -- C:WindowsSysNativedriversSynTP.sys (Synaptics Incorporated)

DRV:64bit: - (iSSetup) -- C:WindowsSysNativedriversiSSetup.sys (Intel Corporation)

DRV:64bit: - (STHDA) -- C:WindowsSysNativedriversstwrt64.sys (IDT, Inc.)

DRV:64bit: - (netr28ux) -- C:WindowsSysNativedriversnetr28ux.sys (Ralink Technology Corp.)

DRV:64bit: - (ioatdma2) Intel® -- C:WindowsSysNativedriversqd262x64.sys (Intel Corporation)

DRV:64bit: - (ioatdma1) -- C:WindowsSysNativedriversqd162x64.sys (Intel Corporation)

DRV:64bit: - (ioatdma) Intel® -- C:WindowsSysNativedriversioatdma.sys (Intel Corporation)

DRV:64bit: - (amdsbs) -- C:WindowsSysNativedriversamdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:WindowsSysNativedriverslsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:WindowsSysNativedriversstexstor.sys (Promise Technology)

DRV:64bit: - (StillCam) -- C:WindowsSysNativedriversserscan.sys (Microsoft Corporation)

DRV:64bit: - (btwaudio) -- C:WindowsSysNativedriversbtwaudio.sys (Broadcom Corporation.)

DRV:64bit: - (btwavdt) -- C:WindowsSysNativedriversbtwavdt.sys (Broadcom Corporation.)

DRV:64bit: - (btwrchid) -- C:WindowsSysNativedriversbtwrchid.sys (Broadcom Corporation.)

DRV:64bit: - (ebdrv) -- C:WindowsSysNativedriversevbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:WindowsSysNativedriversbxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:WindowsSysNativedriversb57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:WindowsSysNativedrivershcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:WindowsSysNativedriversGEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (btwl2cap) -- C:WindowsSysNativedriversbtwl2cap.sys (Broadcom Corporation.)

DRV:64bit: - (SCDEmu) -- C:WindowsSysNativedriversscdemu.sys (PowerISO Computing, Inc.)

DRV:64bit: - (rimmptsk) -- C:WindowsSysNativedriversrimmpx64.sys (REDC)

DRV:64bit: - (FACAP) -- C:WindowsSysNativedriversfacap.sys (Sensible Vision )

DRV:64bit: - (rimsptsk) -- C:WindowsSysNativedriversrimspx64.sys (REDC)

DRV:64bit: - (rismxdp) -- C:WindowsSysNativedriversrixdpx64.sys (REDC)

DRV:64bit: - (IAMTVE) Driver for Intel® -- C:WindowsSysNativedriversIAMTVE.sys (Intel Corporation)

DRV:64bit: - (IAMTXPE) Driver for Intel® -- C:WindowsSysNativedriversIAMTXPE.sys (Intel Corporation)

DRV:64bit: - (RemoteControl-USBLAN) -- C:WindowsSysNativedriversrcblan.sys (Belcarra Technologies)

DRV:64bit: - (WimFltr) -- C:WindowsSysNativedriversWimFltr.sys (Microsoft Corporation)

DRV - (WIMMount) -- C:WindowsSysWOW64driverswimmount.sys (Microsoft Corporation)

DRV - (WinRing0_1_2_0) -- C:Program Files (x86)OSDWinRing0x64.sys (OpenLibSys.org)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm

 

IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Secondary_Page_URL = http://support.alienware.com [binary data]

IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank

IE - HKCU..URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll (Yahoo! Inc.)

IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

IE - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyOverride" = *.local

 

FF:64bit: - [email protected]/JavaPlugin: C:Program FilesJavajre7binnew_pluginnpjp2.dll (Oracle Corporation)

FF:64bit: - [email protected]/GENUINE: disabled File not found

FF - [email protected]/FlashPlayer: C:WindowsSysWOW64MacromedFlashNPSWF32.dll ()

FF - [email protected]/iTunes,version=: File not found

FF - [email protected]/iTunes,version=1.0: C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll ()

FF - [email protected]/esnsonar,version=0.70.3: C:Program Files (x86)Battlelog Web PluginsSonar0.70.3npesnsonar.dll (ESN Social Software AB)

FF - [email protected]/esnlaunch,version=1.96.0: C:Program Files (x86)Battlelog Web Plugins1.96.0npesnlaunch.dll (ESN Social Software AB)

FF - [email protected]/JavaPlugin: C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll (Sun Microsystems, Inc.)

FF - [email protected]/GENUINE: disabled File not found

FF - [email protected]/NpCtrl,version=1.0: c:Program Files (x86)Microsoft Silverlight4.0.60831.0npctrl.dll ( Microsoft Corporation)

FF - [email protected]/WLPG,version=15.4.3502.0922: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)

FF - [email protected]/WLPG,version=15.4.3508.1109: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)

FF - [email protected]/3DVision: C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll (NVIDIA Corporation)

FF - [email protected]/3DVisionStreaming: C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll (NVIDIA Corporation)

FF - [email protected]/Google Update;version=3: C:UsersJoe GregoryAppDataLocalGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.)

FF - [email protected]/Google Update;version=9: C:UsersJoe GregoryAppDataLocalGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.)

 

 

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Disabled) = C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120gcswf32.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)QuickTimepluginsnpqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:Program Files (x86)Javajre6binnew_pluginnpdeployJava1.dll

CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:Program Files (x86)Microsoft Silverlight4.0.60531.0npctrl.dll

CHR - plugin: Chrome NaCl (Enabled) = C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:UsersJoe GregoryAppDataLocalGoogleChromeApplication15.0.874.120pdf.dll

CHR - plugin: AVG Internet Security (Enabled) = C:UsersJoe GregoryAppDataLocalGoogleChromeUser DataDefaultExtensionsjmfkcklnlgedgbglfkkgedjfmejoahla10.0.0.1390_0plugins/avgnpss.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:Program Files (x86)AdobeReader 9.0ReaderBrowsernppdf32.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll

CHR - plugin: Windows Live Photo Gallery (Enabled) = C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll

CHR - plugin: Google Update (Enabled) = C:UsersJoe GregoryAppDataLocalGoogleUpdate1.3.21.57npGoogleUpdate3.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: WOT = C:UsersJoe GregoryAppDataLocalGoogleChromeUser DataDefaultExtensionsbhmmomiinigofkjcapegjjndpbikblnp1.2.5_0

CHR - Extension: Zeppelin = C:UsersJoe GregoryAppDataLocalGoogleChromeUser DataDefaultExtensionsgonpmjifhghfjnbijodbhjmpaogaipap1.0_0

 

O1 HOSTS File: ([2011/11/18 19:51:02 | 000,000,098 | ---- | M]) - C:WindowsSysNativedriversetcHosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre7binjp2ssv.dll (Oracle Corporation)

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll (Yahoo! Inc.)

O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:Program FilesAlienwareCommand CenterAlienSenseFAIESSO.dll (Sensible Vision )

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:Program Files (x86)Yahoo!CompanionInstallscpnYTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM..Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll (Yahoo! Inc.)

O4:64bit: - HKLM..Run: [broadcom Wireless Manager UI] C:Program FilesDellDW WLAN CardWLTRAY.EXE (Dell Inc.)

O4:64bit: - HKLM..Run: [intelliPoint] c:Program FilesMicrosoft IntelliPointipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..Run: [MSC] c:Program FilesMicrosoft Security Clientmsseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..Run: [NVHotkey] C:WindowsSysNativenvHotkey.dll (NVIDIA Corporation)

O4:64bit: - HKLM..Run: [sysTrayApp] C:Program FilesIDTWDMsttray64.exe (IDT, Inc.)

O4 - HKLM..Run: [FAStartup] File not found

O4 - HKLM..Run: [FATrayAlert] C:Program FilesAlienwareCommand CenterAlienSenseFATrayMon.exe (Sensible Vision )

O4 - HKLM..Run: [iAStorIcon] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe (Intel Corporation)

O4 - HKLM..Run: [OSD_LAUNCH] c:Program Files (x86)OSDLaunch.exe (HH)

O4 - HKLM..Run: [PWRISOVM.EXE] C:Program Files (x86)POWERISOPWRISOVM.EXE (PowerISO Computing, Inc.)

O4 - HKCU..Run: [Azureus] C:Program Files (x86)VuzeAzureus.exe (Vuze Inc.)

O4 - HKCU..Run: [steam] C:Program Files (x86)Steamsteam.exe (Valve Corporation)

O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 5

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3

O7 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present

O7 - HKCUSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDrives = 0

O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O8 - Extra context menu item: Send image to &Bluetooth Device... - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send page to &Bluetooth Device... - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9:64bit: - Extra Button: @c:Program FilesWIDCOMMBluetooth Softwarebtrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @c:Program FilesWIDCOMMBluetooth Softwarebtrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5Catalog_Entries64000000000010 [] - C:Program FilesBonjourmdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5Catalog_Entries000000000010 [] - C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)

O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 10.0.0.1

O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{13FE863B-B116-42FB-A2B1-748C35E9E8B2}: DhcpNameServer = 192.168.0.1

O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{2CC954AF-5EC3-4C88-9C11-CA990A296B21}: DhcpNameServer = 12.127.16.67 69.60.160.196

O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{F3F200F6-E432-4BDC-94CC-47AEDE094030}: DhcpNameServer = 10.0.0.1

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:Windowsexplorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) - C:WindowsSysNativeuserinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:WindowsSysNativeSystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:WindowsSysWow64explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) -C:WindowsSysWOW64userinit.exe (Microsoft Corporation)

O20 - WinlogonNotifyFastAccess: DllName - (C:Program FilesAlienwareCommand CenterAlienSenseFALogNot.dll) - C:Program FilesAlienwareCommand CenterAlienSenseFALogNot.dll ()

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM..comfile [open] -- "%1" %*

O35:64bit: - HKLM..exefile [open] -- "%1" %*

O35 - HKLM..comfile [open] -- "%1" %*

O35 - HKLM..exefile [open] -- "%1" %*

O37:64bit: - HKLM...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM...exe [@ = exefile] -- "%1" %*

O37 - HKLM...com [@ = ComFile] -- "%1" %*

O37 - HKLM...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/11/18 19:50:45 | 000,000,000 | ---D | C] -- C:_OTL

[2011/11/18 14:58:36 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:UsersJoe GregoryDesktopOTL.exe

[2011/11/18 13:57:34 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuPrograms2K Games

[2011/11/18 13:56:32 | 000,000,000 | ---D | C] -- C:Program Files (x86)2K Games

[2011/11/18 13:28:35 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsDungeon Siege 2

[2011/11/18 13:26:23 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft Games

[2011/11/18 10:46:38 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN

[2011/11/18 10:31:13 | 000,000,000 | -HSD | C] -- C:$RECYCLE.BIN

[2011/11/18 08:58:25 | 004,300,722 | R--- | C] (Swearware) -- C:UsersJoe GregoryDesktopComboFix.exe

[2011/11/18 08:22:41 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryDesktopGaming

[2011/11/17 15:53:03 | 000,000,000 | -H-D | C] -- C:ProgramDataCanonBJ

[2011/11/17 12:25:39 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:WindowsSysNativejavaws.exe

[2011/11/17 12:25:39 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:WindowsSysNativejavaw.exe

[2011/11/17 12:25:39 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:WindowsSysNativejava.exe

[2011/11/17 11:41:12 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsFoxit Reader 5.1

[2011/11/17 11:41:06 | 000,000,000 | ---D | C] -- C:Program Files (x86)Foxit Software

[2011/11/16 08:58:41 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:WindowsSysNativedriversmbam.sys

[2011/11/15 18:37:32 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataLocaltemp

[2011/11/15 09:12:53 | 000,518,144 | ---- | C] (SteelWerX) -- C:WindowsSWREG.exe

[2011/11/15 09:12:53 | 000,406,528 | ---- | C] (SteelWerX) -- C:WindowsSWSC.exe

[2011/11/15 09:12:53 | 000,060,416 | ---- | C] (NirSoft) -- C:WindowsNIRCMD.exe

[2011/11/15 09:12:44 | 000,000,000 | ---D | C] -- C:WindowsERDNT

[2011/11/15 09:09:36 | 000,000,000 | ---D | C] -- C:Qoobox

[2011/11/14 10:50:55 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataLocalNVIDIA Corporation

[2011/11/13 20:29:14 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsBurnInTest

[2011/11/13 20:29:13 | 000,000,000 | ---D | C] -- C:WindowsSysNativetemp

[2011/11/13 20:29:13 | 000,000,000 | ---D | C] -- C:ProgramDataPassMark

[2011/11/13 20:29:02 | 000,000,000 | ---D | C] -- C:Program FilesBurnInTest

[2011/11/13 15:13:23 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft Security Client

[2011/11/13 15:13:13 | 000,000,000 | ---D | C] -- C:Program FilesMicrosoft Security Client

[2011/11/13 15:08:41 | 000,000,000 | ---D | C] -- C:ProgramDataPCPitstop

[2011/11/13 14:57:47 | 000,000,000 | ---D | C] -- C:Windowspss

[2011/11/13 14:48:15 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsCPU Speed Professional

[2011/11/13 14:48:13 | 000,000,000 | ---D | C] -- C:Program Files (x86)CPU Speed Pro

[2011/11/13 11:42:53 | 000,000,000 | ---D | C] -- C:Program Files (x86)Seagate

[2011/11/13 10:31:44 | 000,000,000 | ---D | C] -- C:Program Files (x86)WinTools Software

[2011/11/13 08:56:39 | 000,000,000 | ---D | C] -- C:Program FilesCPUID

[2011/11/13 07:58:01 | 000,000,000 | ---D | C] -- C:ProgramDataNVIDIA Corporation

[2011/11/13 06:47:38 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataRoamingMalwarebytes

[2011/11/13 06:47:25 | 000,000,000 | ---D | C] -- C:ProgramDataMalwarebytes

[2011/11/13 06:40:32 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataLocalSkyrim

[2011/11/12 22:31:21 | 000,000,000 | ---D | C] -- C:Program Files (x86)CleanMyPC

[2011/11/08 21:20:08 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataLocalwb games

[2011/10/30 19:54:25 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataLocal{1F653DA0-AFFE-473C-9586-85A551C16693}

[2011/10/30 06:00:01 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataLocalChromium

[2011/10/30 05:41:40 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryDocumentsStronghold 3

[2011/10/29 14:43:36 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsPKR

[2011/10/29 14:43:36 | 000,000,000 | ---D | C] -- C:Program Files (x86)PKR

[2011/10/29 12:06:06 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataRoamingMicrosoftWindowsStart MenuProgramsAtari

[2011/10/29 09:08:20 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsNVIDIA Corporation

[2011/10/29 09:02:57 | 000,174,184 | ---- | C] (NVIDIA Corporation) -- C:WindowsSysNativedriversnvhda64v.sys

[2011/10/29 09:02:57 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:WindowsSysNativenvhdap64.dll

[2011/10/29 09:02:56 | 001,452,648 | ---- | C] (NVIDIA Corporation) -- C:WindowsSysNativenvhdagenco6420102.dll

[2011/10/29 09:02:41 | 001,533,248 | ---- | C] (NVIDIA Corporation) -- C:WindowsSysNativenvdispco64.dll

[2011/10/29 09:02:41 | 001,454,400 | ---- | C] (NVIDIA Corporation) -- C:WindowsSysNativenvgenco64.dll

[2011/10/29 08:59:39 | 000,000,000 | ---D | C] -- C:NVIDIA

[2011/10/29 08:11:05 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesJava

[2011/10/29 08:10:53 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:WindowsSysWow64javaws.exe

[2011/10/29 08:10:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:WindowsSysWow64javaw.exe

[2011/10/29 08:10:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:WindowsSysWow64java.exe

[2011/10/28 11:56:04 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataLocalESN Sonar

[2011/10/28 09:54:56 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataLocalPunkBuster

[2011/10/28 09:54:48 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryDocumentsBattlefield 3

[2011/10/28 09:54:00 | 000,000,000 | ---D | C] -- C:Program Files (x86)Battlelog Web Plugins

[2011/10/28 09:52:02 | 000,000,000 | ---D | C] -- C:ProgramDataEA Core

[2011/10/28 09:50:13 | 000,000,000 | -H-D | C] -- C:Program Files (x86)Common FilesEAInstaller

[2011/10/26 15:57:32 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryDocumentsOrcs Must Die

[2011/10/26 15:57:26 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_7.dll

[2011/10/26 15:57:26 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_7.dll

[2011/10/26 15:57:26 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAPOFX1_5.dll

[2011/10/26 15:57:26 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAPOFX1_5.dll

[2011/10/26 15:57:25 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_7.dll

[2011/10/26 15:57:25 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_7.dll

[2011/10/26 15:57:24 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_43.dll

[2011/10/26 15:57:24 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_43.dll

[2011/10/26 15:57:23 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dcsx_43.dll

[2011/10/26 15:57:23 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dcsx_43.dll

[2011/10/26 15:57:23 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_43.dll

[2011/10/26 15:57:23 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_43.dll

[2011/10/26 15:57:23 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx11_43.dll

[2011/10/26 15:57:23 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx11_43.dll

[2011/10/26 15:57:22 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_43.dll

[2011/10/26 15:57:22 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_43.dll

[2011/10/26 15:57:21 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_6.dll

[2011/10/26 15:57:21 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_6.dll

[2011/10/26 15:57:21 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_6.dll

[2011/10/26 15:57:21 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_6.dll

[2011/10/26 15:57:21 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAPOFX1_4.dll

[2011/10/26 15:57:21 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAPOFX1_4.dll

[2011/10/26 15:57:21 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeX3DAudio1_7.dll

[2011/10/26 15:57:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64X3DAudio1_7.dll

[2011/10/26 15:57:20 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_5.dll

[2011/10/26 15:57:20 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_5.dll

[2011/10/26 15:57:20 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_5.dll

[2011/10/26 15:57:20 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_5.dll

[2011/10/26 15:57:19 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_42.dll

[2011/10/26 15:57:19 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_42.dll

[2011/10/26 15:57:18 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dcsx_42.dll

[2011/10/26 15:57:18 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dcsx_42.dll

[2011/10/26 15:57:17 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_42.dll

[2011/10/26 15:57:17 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_42.dll

[2011/10/26 15:57:17 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx11_42.dll

[2011/10/26 15:57:17 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx11_42.dll

[2011/10/26 15:57:16 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_42.dll

[2011/10/26 15:57:16 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_42.dll

[2011/10/26 15:57:15 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_41.dll

[2011/10/26 15:57:15 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_41.dll

[2011/10/26 15:57:13 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_41.dll

[2011/10/26 15:57:13 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_41.dll

[2011/10/26 15:57:13 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_4.dll

[2011/10/26 15:57:13 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_4.dll

[2011/10/26 15:57:13 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAPOFX1_3.dll

[2011/10/26 15:57:13 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAPOFX1_3.dll

[2011/10/26 15:57:12 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_4.dll

[2011/10/26 15:57:12 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_4.dll

[2011/10/26 15:57:12 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeX3DAudio1_6.dll

[2011/10/26 15:57:12 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64X3DAudio1_6.dll

[2011/10/26 15:57:11 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_40.dll

[2011/10/26 15:57:11 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_40.dll

[2011/10/26 15:57:11 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_40.dll

[2011/10/26 15:57:11 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_40.dll

[2011/10/26 15:57:09 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_40.dll

[2011/10/26 15:57:09 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_40.dll

[2011/10/26 15:57:09 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_3.dll

[2011/10/26 15:57:09 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_3.dll

[2011/10/26 15:57:09 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAPOFX1_2.dll

[2011/10/26 15:57:09 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAPOFX1_2.dll

[2011/10/26 15:57:08 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_2.dll

[2011/10/26 15:57:08 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_2.dll

[2011/10/26 15:57:08 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_3.dll

[2011/10/26 15:57:08 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_3.dll

[2011/10/26 15:57:08 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAPOFX1_1.dll

[2011/10/26 15:57:08 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAPOFX1_1.dll

[2011/10/26 15:57:08 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeX3DAudio1_5.dll

[2011/10/26 15:57:08 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64X3DAudio1_5.dll

[2011/10/26 15:57:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_2.dll

[2011/10/26 15:57:07 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_2.dll

[2011/10/26 15:57:06 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_39.dll

[2011/10/26 15:57:06 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_39.dll

[2011/10/26 15:57:06 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_39.dll

[2011/10/26 15:57:06 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_39.dll

[2011/10/26 15:57:05 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_39.dll

[2011/10/26 15:57:05 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_39.dll

[2011/10/26 15:57:05 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_1.dll

[2011/10/26 15:57:05 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_1.dll

[2011/10/26 15:57:05 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAPOFX1_0.dll

[2011/10/26 15:57:05 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAPOFX1_0.dll

[2011/10/26 15:57:04 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_1.dll

[2011/10/26 15:57:04 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_1.dll

[2011/10/26 15:57:04 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeX3DAudio1_4.dll

[2011/10/26 15:57:04 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64X3DAudio1_4.dll

[2011/10/26 15:57:03 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_38.dll

[2011/10/26 15:57:03 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_38.dll

[2011/10/26 15:57:03 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_38.dll

[2011/10/26 15:57:03 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_38.dll

[2011/10/26 15:57:02 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_38.dll

[2011/10/26 15:57:02 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_38.dll

[2011/10/26 15:57:02 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_0.dll

[2011/10/26 15:57:02 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_0.dll

[2011/10/26 15:57:01 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_0.dll

[2011/10/26 15:57:01 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_0.dll

[2011/10/26 15:57:01 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeX3DAudio1_3.dll

[2011/10/26 15:57:01 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64X3DAudio1_3.dll

[2011/10/26 15:57:00 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_37.dll

[2011/10/26 15:57:00 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_37.dll

[2011/10/26 15:57:00 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_37.dll

[2011/10/26 15:57:00 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_37.dll

[2011/10/26 15:56:59 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_37.dll

[2011/10/26 15:56:59 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_37.dll

[2011/10/26 15:56:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_10.dll

[2011/10/26 15:56:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_10.dll

[2011/10/26 15:56:57 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_36.dll

[2011/10/26 15:56:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_36.dll

[2011/10/26 15:56:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_36.dll

[2011/10/26 15:56:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_36.dll

[2011/10/26 15:56:56 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_36.dll

[2011/10/26 15:56:56 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_36.dll

[2011/10/26 15:56:55 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_9.dll

[2011/10/26 15:56:55 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_9.dll

[2011/10/26 15:56:54 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_35.dll

[2011/10/26 15:56:54 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_35.dll

[2011/10/26 15:56:54 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_35.dll

[2011/10/26 15:56:54 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_35.dll

[2011/10/26 15:56:53 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_35.dll

[2011/10/26 15:56:53 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_35.dll

[2011/10/26 15:56:52 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_8.dll

[2011/10/26 15:56:52 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_8.dll

[2011/10/26 15:56:52 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeX3DAudio1_2.dll

[2011/10/26 15:56:52 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64X3DAudio1_2.dll

[2011/10/26 15:56:51 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_34.dll

[2011/10/26 15:56:51 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_34.dll

[2011/10/26 15:56:51 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_34.dll

[2011/10/26 15:56:51 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_34.dll

[2011/10/26 15:56:51 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_34.dll

[2011/10/26 15:56:51 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_34.dll

[2011/10/26 15:56:50 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_7.dll

[2011/10/26 15:56:50 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_7.dll

[2011/10/26 15:56:50 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexinput1_3.dll

[2011/10/26 15:56:50 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xinput1_3.dll

[2011/10/26 15:56:49 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_33.dll

[2011/10/26 15:56:49 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_33.dll

[2011/10/26 15:56:49 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_33.dll

[2011/10/26 15:56:49 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_33.dll

[2011/10/26 15:56:48 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_33.dll

[2011/10/26 15:56:48 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_33.dll

[2011/10/26 15:56:47 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_6.dll

[2011/10/26 15:56:47 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_5.dll

[2011/10/26 15:56:47 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_6.dll

[2011/10/26 15:56:47 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_5.dll

[2011/10/26 15:56:46 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10.dll

[2011/10/26 15:56:46 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10.dll

[2011/10/26 15:56:45 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_32.dll

[2011/10/26 15:56:45 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_32.dll

[2011/10/26 15:56:45 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_4.dll

[2011/10/26 15:56:45 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_4.dll

[2011/10/26 15:56:45 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativex3daudio1_1.dll

[2011/10/26 15:56:45 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64x3daudio1_1.dll

[2011/10/26 15:56:43 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_31.dll

[2011/10/26 15:56:43 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_31.dll

[2011/10/26 15:56:43 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_3.dll

[2011/10/26 15:56:43 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_3.dll

[2011/10/26 15:56:42 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_2.dll

[2011/10/26 15:56:42 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_2.dll

[2011/10/26 15:56:42 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexinput1_2.dll

[2011/10/26 15:56:42 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xinput1_2.dll

[2011/10/26 15:56:41 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_1.dll

[2011/10/26 15:56:41 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_1.dll

[2011/10/26 15:56:41 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexinput1_1.dll

[2011/10/26 15:56:41 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xinput1_1.dll

[2011/10/26 15:56:34 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_30.dll

[2011/10/26 15:56:34 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_30.dll

[2011/10/26 15:56:33 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_0.dll

[2011/10/26 15:56:33 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_0.dll

[2011/10/26 15:56:33 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativex3daudio1_0.dll

[2011/10/26 15:56:33 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64x3daudio1_0.dll

[2011/10/26 15:56:32 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_29.dll

[2011/10/26 15:56:32 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_29.dll

[2011/10/26 15:56:31 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_28.dll

[2011/10/26 15:56:31 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_28.dll

[2011/10/26 15:56:30 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_27.dll

[2011/10/26 15:56:30 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_27.dll

[2011/10/26 15:56:29 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_26.dll

[2011/10/26 15:56:29 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_26.dll

[2011/10/26 15:56:28 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_25.dll

[2011/10/26 15:56:28 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_25.dll

[2011/10/26 15:56:27 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_24.dll

[2011/10/26 15:56:27 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_24.dll

[2011/10/26 14:23:33 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataRoamingOrigin

[2011/10/26 14:23:28 | 000,000,000 | ---D | C] -- C:UsersJoe GregoryAppDataLocalOrigin

[2011/10/26 14:23:10 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsOrigin

[2011/10/26 14:23:05 | 000,000,000 | ---D | C] -- C:Program Files (x86)Origin Games

[2011/10/26 14:23:05 | 000,000,000 | ---D | C] -- C:ProgramDataOrigin

[2011/10/26 14:23:05 | 000,000,000 | ---D | C] -- C:ProgramDataElectronic Arts

[2011/10/26 14:22:47 | 000,000,000 | ---D | C] -- C:Program Files (x86)Origin

[2011/10/26 13:41:26 | 000,000,000 | ---D | C] -- C:UsersJoe Gregory.swt

[2011/10/25 05:46:29 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsiTunes

[2011/10/25 05:45:57 | 000,000,000 | ---D | C] -- C:Program FilesiTunes

[2011/10/25 05:45:57 | 000,000,000 | ---D | C] -- C:Program Files (x86)iTunes

[2011/10/25 05:45:57 | 000,000,000 | ---D | C] -- C:Program FilesiPod

[2011/10/25 05:44:02 | 000,000,000 | ---D | C] -- C:Program FilesBonjour

[2011/10/25 05:44:02 | 000,000,000 | ---D | C] -- C:Program Files (x86)Bonjour

 

========== Files - Modified Within 30 Days ==========

 

[2011/11/18 20:02:21 | 000,014,240 | -H-- | M] () -- C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/11/18 20:02:21 | 000,014,240 | -H-- | M] () -- C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/11/18 20:00:31 | 000,782,742 | ---- | M] () -- C:WindowsSysNativePerfStringBackup.INI

[2011/11/18 20:00:31 | 000,662,674 | ---- | M] () -- C:WindowsSysNativeperfh009.dat

[2011/11/18 20:00:31 | 000,122,470 | ---- | M] () -- C:WindowsSysNativeperfc009.dat

[2011/11/18 19:59:00 | 000,000,932 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskUserS-1-5-21-1250342304-491281939-1565465998-1000UA.job

[2011/11/18 19:54:19 | 000,067,584 | --S- | M] () -- C:Windowsbootstat.dat

[2011/11/18 19:54:10 | 527,826,943 | -HS- | M] () -- C:hiberfil.sys

[2011/11/18 19:51:02 | 000,000,098 | ---- | M] () -- C:WindowsSysNativedriversetcHosts

[2011/11/18 14:58:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:UsersJoe GregoryDesktopOTL.exe

[2011/11/18 08:58:43 | 004,300,722 | R--- | M] (Swearware) -- C:UsersJoe GregoryDesktopComboFix.exe

[2011/11/18 05:59:00 | 000,000,880 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskUserS-1-5-21-1250342304-491281939-1565465998-1000Core.job

[2011/11/17 12:25:16 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:WindowsSysNativejavaws.exe

[2011/11/17 12:25:15 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:WindowsSysNativedeployJava1.dll

[2011/11/17 12:25:15 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:WindowsSysNativejavaw.exe

[2011/11/17 12:25:15 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:WindowsSysNativejava.exe

[2011/11/17 11:41:13 | 000,001,152 | ---


Hi,

 

It looks like the end of the OTL scan you ran after the fix has been cut off. Could you re-post that, please?

 

From what I see of it so far though it looks pretty good. Did that help improve your system?

This topic is now closed to further replies.