Hi, this is my first post here and I hope I'm following all the rules correctly. My computer started acting up about three days ago. Internet Explorer kept starting by itself, and whenever I searched through Google I got redirected to other weird search sites. Also, now Internet Explorer doesn't open a window, but the iexplore.exe process starts running in my Task Manager all the time, and when I end it, it starts up again by itself. When I right-clicked on the iexplore.exe process I noticed that UAC virtualization has a check mark next to it, and if I uncheck it and end it, iexplore.exe starts up again with it checked. The last weird thing I've noticed is that in the iexplore.exe properties, under the Security tab, all the system, user, and administrators permissions are only set to read and read and execute, but there's a fourth group named TrustedInstaller that has full permissions, and I can't change the permissions any way I try. That's all I know so far. I'll try to attach all the logs that the rules state, and I'd truly appreciate any help anyone could lend my way.
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 12/3/2009 12:39:14 PM
System Uptime: 10/15/2011 3:59:07 PM (1 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K70IC
Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz | Socket 478 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 75 GiB total, 9.997 GiB free.
D: is FIXED (NTFS) - 209 GiB total, 71.585 GiB free.
E: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Leawo AVI Converter version 3.1.0.0
Update for Microsoft Office 2007 (KB2508958)
Torrent
Microsoft Office Excel 2007 Help (KB963678)
Microsoft Office Powerpoint 2007 Help (KB963669)
Microsoft Office Word 2007 Help (KB963665)
Acrobat.com
Actualização do Microsoft Office Excel 2007 Help (KB963678)
Actualização do Microsoft Office Powerpoint 2007 Help (KB963669)
Actualização do Microsoft Office Word 2007 Help (KB963665)
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.0)
Alcor Micro USB Card Reader
Amnesia: The Dark Descent
Apple Application Support
Apple Software Update
ASUS AI Recovery
ASUS Data Security Manager
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS MultiFrame
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS_Screensaver
ATK Generic Function Service
ATK Hotkey
ATK Media
ATKOSD2
Atualização do produto Microsoft Office Excel 2007 Help (KB963678)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)
Atualização do produto Microsoft Office Word 2007 Help (KB963665)
Bing Bar
Borderlands
CCleaner
Choice Guard
CodeBlocks
ControlDeck
Counter-Strike: Source
CyberLink LabelPrint
CyberLink Power2Go
Darkspore
DivX Setup
DVD Flick 1.3.0.7
FileZilla Client 3.3.0
FOREXTraderPro
FreeStar Free DVD Ripper
Garry's Mod
Gbridge (remove only)
HiJackThis
ImgBurn
Java(TM) 6 Update 17
jGRASP
Junk Mail filter update
K-Lite Codec Pack 6.5.0 (Basic)
Kindle Auto eBook Converter 0.4.50
Last.fm 1.5.4.24567
League of Legends
Magicka
MakeMKV v1.6.14
Malwarebytes' Anti-Malware version 1.51.2.1300
Memeo Instant Backup
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft Default Manager
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel 2007 Help (KB963678)
Microsoft Office Excel 2007 Help (KB963678)
Microsoft Office Excel 2007 Help Actualización (KB963678)
Microsoft Office Excel 2007 Help Güncelleştirmesi (KB963678)
Microsoft Office Excel 2007 Help s{ (KB963678)
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office Excel MUI (Chinese (Simplified)) 2007
Microsoft Office Excel MUI (Chinese (Traditional)) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (French) 2007
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
Microsoft Office Excel MUI (Portuguese (Portugal)) 2007
Microsoft Office Excel MUI (Spanish) 2007
Microsoft Office Excel MUI (Thai) 2007
Microsoft Office Excel MUI (Turkish) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office IME (Chinese (Simplified)) 2007
Microsoft Office IME (Chinese (Traditional)) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office OneNote MUI (Chinese (Simplified)) 2007
Microsoft Office OneNote MUI (Chinese (Traditional)) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (French) 2007
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007
Microsoft Office OneNote MUI (Spanish) 2007
Microsoft Office OneNote MUI (Thai) 2007
Microsoft Office OneNote MUI (Turkish) 2007
Microsoft Office Powerpoint 2007 Help (KB963669)
Microsoft Office Powerpoint 2007 Help (KB963669)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669)
Microsoft Office Powerpoint 2007 Help Güncelleştirmesi (KB963669)
Microsoft Office Powerpoint 2007 Help s{ (KB963669)
Microsoft Office PowerPoint 2007 s{ (KB963669)
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007
Microsoft Office PowerPoint MUI (Spanish) 2007
Microsoft Office PowerPoint MUI (Thai) 2007
Microsoft Office PowerPoint MUI (Turkish) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Basque) 2007
Microsoft Office Proof (Catalan) 2007
Microsoft Office Proof (Chinese (Simplified)) 2007
Microsoft Office Proof (Chinese (Traditional)) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Galician) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Portuguese (Brazil)) 2007
Microsoft Office Proof (Portuguese (Portugal)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Thai) 2007
Microsoft Office Proof (Turkish) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Proofing (Chinese (Simplified)) 2007
Microsoft Office Proofing (Chinese (Traditional)) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Proofing (Portuguese (Brazil)) 2007
Microsoft Office Proofing (Portuguese (Portugal)) 2007
Microsoft Office Proofing (Spanish) 2007
Microsoft Office Proofing (Thai) 2007
Microsoft Office Proofing (Turkish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (Chinese (Simplified)) 2007
Microsoft Office Shared MUI (Chinese (Traditional)) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
Microsoft Office Shared MUI (Portuguese (Portugal)) 2007
Microsoft Office Shared MUI (Spanish) 2007
Microsoft Office Shared MUI (Thai) 2007
Microsoft Office Shared MUI (Turkish) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word 2007 Help (KB963665)
Microsoft Office Word 2007 Help (KB963665)
Microsoft Office Word 2007 Help Actualización (KB963665)
Microsoft Office Word 2007 Help Güncelleştirmesi (KB963665)
Microsoft Office Word 2007 Help s{ (KB963665)
Microsoft Office Word 2007 s{ (KB963665)
Microsoft Office Word MUI (Arabic) 2007
Microsoft Office Word MUI (Chinese (Simplified)) 2007
Microsoft Office Word MUI (Chinese (Traditional)) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Office Word MUI (Portuguese (Brazil)) 2007
Microsoft Office Word MUI (Portuguese (Portugal)) 2007
Microsoft Office Word MUI (Spanish) 2007
Microsoft Office Word MUI (Thai) 2007
Microsoft Office Word MUI (Turkish) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ Run Time Lib Setup
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Mise à jour Microsoft Office Excel 2007 Help (KB963678)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)
Mise à jour Microsoft Office Word 2007 Help (KB963665)
Move Media Player
Mozilla Firefox 7.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA PhysX v8.10.29
OpenOffice.org 3.1
Pando Media Booster
Plants vs. Zombies: Game of the Year
Pod to PC 3.085
Portal 2
QuickTime
Rainmeter
Realtek 8136 8168 8169 Ethernet Driver
Realtek High Definition Audio Driver
Seagate Dashboard
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Offi
.
Hi and welcome to the Daniweb forums :).
==========
Just a reminder of the rules you mentioned :).
When you post your request for assistance, please be sure to submit (Copy & Paste, not as an attachment unless requested) these requested scanlogs:
• MalwareBytes’ Anti-Malware log
• GMER One.log and GMER Two.log
• BOTH DDS ScanLogs (DDS.txt & Attach.txt)
Please do not attach your logs, as generally we do not have a desire to download logs from infected machines to our PCs :).
You also missed the Gmer logs.
Sorry about that, I must have missed the no-attachments part. Here are the files:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 7940
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
10/15/2011 7:06:33 AM
mbam-log-2011-10-15 (07-06-33).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 356605
Time elapsed: 42 minute(s), 58 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
____________________________________
Here's the DDS:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_17
Run by RK at 16:04:12 on 2011-10-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4095.3413 [GMT -7:00]
.
AV: AVG Anti-Virus 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uDefault_Page_URL = hxxp://asus.msn.com
uInternet Settings,ProxyServer = http=127.0.0.1:57576
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No File
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
mRun: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ0wtUVREQ0gtNElKTUg"&"inst=NzctNTg3NDIzNDAxLVhPMzYrMS1UQjkrMi1GTCs5LVFJWDErNC1GMTBNMTBEKzEtWDIwMTArMi1MSUMrMjItU1AxKzEtU1VEKzEtUzFJKzEtU1UzKzEtRkwxMCsx"&"prod=90"&"ver=10.0.1321
uPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.87.69.150 68.87.85.102
TCP: Interfaces\{3FE0FCDB-1F85-4BC3-915B-54C83D718C1E}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{3FE0FCDB-1F85-4BC3-915B-54C83D718C1E}\4337561637F6E6370213 : DhcpNameServer = 10.0.0.1
TCP: Interfaces\{3FE0FCDB-1F85-4BC3-915B-54C83D718C1E}\65562796A7F6E6024425F49444230273139383 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3FE0FCDB-1F85-4BC3-915B-54C83D718C1E}\C416E6462797 : DhcpNameServer = 68.87.69.150 68.87.85.102
TCP: Interfaces\{3FE0FCDB-1F85-4BC3-915B-54C83D718C1E}\C696E6B6379737 : DhcpNameServer = 68.87.69.150 68.87.85.102
TCP: Interfaces\{723CF4EF-4862-4EB1-937F-BCB151323697} : DhcpNameServer = 68.87.69.150 68.87.85.102
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO-X64: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No File
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
mRun-x64: [Microsoft Pinyin IME Migration] C:\PROGRA~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce-x64: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ0wtUVREQ0gtNElKTUg"&"inst=NzctNTg3NDIzNDAxLVhPMzYrMS1UQjkrMi1GTCs5LVFJWDErNC1GMTBNMTBEKzEtWDIwMTArMi1MSUMrMjItU1AxKzEtU1VEKzEtUzFJKzEtU1UzKzEtRkwxMCsx"&"prod=90"&"ver=10.0.1321
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\RK\AppData\Roaming\Mozilla\Firefox\Profiles\lx9x5m0j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=BABTDF&PC=BBLN&q=
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z045&form=ZGAADF&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 57576
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 8118
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\RK\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 gbridge;Gbridge Virtual Miniport;C:\Windows\system32\DRIVERS\gbridge64.sys --> C:\Windows\system32\DRIVERS\gbridge64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
S2 !SASCORE;SAS Core Service;"C:\Users\RK\Desktop\SASCORE64.EXE" --> C:\Users\RK\Desktop\SASCORE64.EXE [?]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
S2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
S2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-10-21 14904]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-4-18 7398752]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
S2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-6-15 249648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-9-29 1153368]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
S3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-7-7 195336]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
S3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);C:\Windows\system32\DRIVERS\HPMo4DE3.sys --> C:\Windows\system32\DRIVERS\HPMo4DE3.sys [?]
S3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);C:\Windows\system32\Drivers\HPub4DE3.sys --> C:\Windows\system32\Drivers\HPub4DE3.sys [?]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2010-4-22 25824]
S4 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2010-4-30 14088]
.
=============== Created Last 30 ================
.
2011-10-14 20:35:01 -------- d-----w- C:\Users\RK\AppData\Roaming\SUPERAntiSpyware.com
2011-10-14 20:35:01 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-10-14 20:29:37 -------- d-----w- C:\Users\RK\AppData\Roaming\DeviceDoctorSoftware
2011-10-14 15:32:56 -------- d-----w- C:\VundoFix Backups
2011-10-13 19:38:27 -------- d-----w- C:\Program Files (x86)\33616
2011-10-11 21:03:51 -------- d-----w- C:\Users\RK\AppData\Roaming\33616
2011-10-11 21:03:24 -------- d-----w- C:\Users\RK\AppData\Roaming\BA833
.
==================== Find3M ====================
.
2011-10-01 03:25:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:42:56 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-09-06 03:03:17 3138048 ----a-w- C:\Windows\System32\win32k.sys
2011-08-27 05:37:49 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-27 05:37:48 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-27 04:26:27 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-08-20 05:37:58 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-08-20 04:31:05 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-08-17 05:26:46 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-08-17 05:25:08 10802 ----a-w- C:\Windows\System32\psisrndr.ax
2011-08-17 04:24:12 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-08-17 04:19:27 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
.
============= FINISH: 16:13:05.43 ===============
I'm not exactly sure if I did the Gmer one right. I tried to save a Gmer one log file and it saved as a blank file, so here's my Gmer two log:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-15 06:19:40
Windows 6.1.7601 Service Pack 1
Running: nznmbtqt.exe
---- Files - GMER 1.0.15 ----
File C:\ADSM_PData_0150 0 bytes
File C:\ADSM_PData_0150\DB 0 bytes
File C:\ADSM_PData_0150\DB\SI.db 624 bytes
File C:\ADSM_PData_0150\DB\UL.db 16 bytes
File C:\ADSM_PData_0150\DB\VL.db 16 bytes
File C:\ADSM_PData_0150\DB\WAL.db 2048 bytes
File C:\ADSM_PData_0150\DragWait.exe 315392 bytes executable
File C:\ADSM_PData_0150\_avt 512 bytes
File C:\Users\RK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B44FALKR\ac3[4].htm 512 bytes
File C:\Users\RK\AppData\Local\Temp\~DF4CBAD95A58C3A170.TMP 512 bytes
File C:\Users\RK\AppData\Local\Temp\~DF64CE53CA152B5DCA.TMP 16384 bytes
File C:\Users\RK\AppData\Local\Temp\~DF665B0B0433443C99.TMP 512 bytes
File C:\Users\RK\AppData\Local\Temp\~DF726DCD5CE04D5816.TMP 32768 bytes
File C:\Users\RK\AppData\Local\Temp\~DF9370E9478BEDE79C.TMP 512 bytes
File C:\Users\RK\AppData\Local\Temp\~DFC0EA7299C0B47DB3.TMP 49152 bytes
File C:\Users\RK\AppData\Local\Temp\~DFC46606493D49CC6B.TMP 16384 bytes
---- EOF - GMER 1.0.15 ----
OK, I hope I did it all right this time, and again I would appreciate any help.
Download OTL to your Desktop.
* Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
* Under the Custom Scan box paste this in:
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
- When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
Alright, here are the files:
OTL logfile created on: 10/16/2011 6:36:28 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\RK\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.63 Gb Available Physical Memory | 65.77% Memory free
8.00 Gb Paging File | 6.54 Gb Available in Paging File | 81.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.52 Gb Total Space | 10.13 Gb Free Space | 13.60% Space Free | Partition Type: NTFS
Drive D: | 208.92 Gb Total Space | 71.58 Gb Free Space | 34.26% Space Free | Partition Type: NTFS
Drive E: | 7.17 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: RK-PC | User Name: RK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/10/16 06:34:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\RK\Desktop\OTL.exe
PRC - [2011/09/23 06:31:50 | 002,404,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/09/12 06:23:46 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/07/18 01:32:42 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011/07/07 19:31:08 | 000,259,848 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
PRC - [2011/07/07 19:31:06 | 000,391,944 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009/11/12 11:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/10/21 18:25:15 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/09/03 10:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/08/19 20:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/08/17 09:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/12 14:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/06/24 12:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/18 15:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 20:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/07/18 19:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
========== Modules (No Company Name) ==========
MOD - [2011/07/18 01:32:42 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2010/12/08 13:07:44 | 000,895,488 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Plus Web Player\libxml2.dll
MOD - [2009/11/12 11:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/09/03 10:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2008/08/27 16:32:36 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008/06/09 09:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/09/15 13:21:58 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/10/13 11:26:35 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/12 06:23:46 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/11/20 05:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 05:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 05:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/04/30 07:47:00 | 000,014,088 | ---- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010/04/22 17:33:04 | 000,025,824 | ---- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/07/11 01:13:44 | 000,282,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/04/13 15:23:33 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011/04/12 11:45:50 | 000,018,432 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPub4DE3.sys -- (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/09 10:44:44 | 000,025,088 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPMo4DE3.sys -- (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/28 16:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/10/21 18:25:39 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2009/10/15 18:23:20 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/10/12 22:54:50 | 000,048,192 | ---- | M] (Gbridge LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gbridge64.sys -- (gbridge)
DRV:64bit: - [2009/10/05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/08/11 22:45:29 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/20 02:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 07:52:29 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/12 18:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/04/30 19:13:33 | 000,081,440 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/12/08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 11:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://asus.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57576
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=BABTDF&PC=BBLN&q="
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://google.com"
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z045&form=ZGAADF&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 57576
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\RK\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010/12/13 19:12:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010/12/13 19:12:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/10/15 16:33:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/01 22:10:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/20 13:24:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\RK\AppData\Roaming\Move Networks [2010/01/26 13:06:16 | 000,000,000 | ---D | M]
[2009/12/03 21:00:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RK\AppData\Roaming\Mozilla\Extensions
[2011/10/14 13:35:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RK\AppData\Roaming\Mozilla\Firefox\Profiles\lx9x5m0j.default\extensions
[2011/04/18 15:14:33 | 000,001,919 | ---- | M] () -- C:\Users\RK\AppData\Roaming\Mozilla\Firefox\Profiles\lx9x5m0j.default\searchplugins\bing-zugo.xml
[2011/01/17 19:50:00 | 000,001,832 | ---- | M] () -- C:\Users\RK\AppData\Roaming\Mozilla\Firefox\Profiles\lx9x5m0j.default\searchplugins\bing.xml
[2011/06/10 23:37:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/10 23:37:08 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/10/15 16:33:05 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
[2011/10/01 22:10:35 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/01 22:10:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
[2011/04/18 15:15:28 | 000,002,280 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.69.150 68.87.85.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{723CF4EF-4862-4EB1-937F-BCB151323697}: DhcpNameServer = 68.87.69.150 68.87.85.102
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{600194f6-e952-11de-8489-90e6ba8605bf}\Shell - "" = AutoRun
O33 - MountPoints2\{600194f6-e952-11de-8489-90e6ba8605bf}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{d768edbd-babc-11df-998a-90e6ba8605bf}\Shell - "" = AutoRun
O33 - MountPoints2\{d768edbd-babc-11df-998a-90e6ba8605bf}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/16 06:34:18 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\RK\Desktop\OTL.exe
[2011/10/15 16:36:40 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Apple Computer
[2011/10/15 16:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011/10/15 16:32:32 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\AVG2012
[2011/10/15 16:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/10/15 16:27:27 | 003,900,592 | ---- | C] (AVG Technologies) -- C:\Users\RK\Desktop\avg_free_stb_all_2012_1831_cnet.exe
[2011/10/15 04:04:32 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\RK\Desktop\dds.scr
[2011/10/14 13:40:33 | 000,000,000 | ---D | C] -- C:\Users\RK\Desktop\SAS
[2011/10/14 13:36:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/10/14 13:35:01 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\SUPERAntiSpyware.com
[2011/10/14 13:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/10/14 13:33:45 | 000,000,000 | ---D | C] -- C:\Users\RK\Desktop\tdsskiller
[2011/10/14 13:29:37 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\DeviceDoctorSoftware
[2011/10/14 08:32:56 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2011/10/14 08:32:50 | 000,000,000 | ---D | C] -- C:\Users\RK\Desktop\VundoFix_v6.5.0
[2011/10/13 12:56:48 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\RK\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/13 12:38:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\33616
[2011/10/11 14:03:51 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\33616
[2011/10/11 14:03:24 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\BA833
========== Files - Modified Within 30 Days ==========
[2011/10/16 06:38:47 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/16 06:38:47 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/16 06:34:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\RK\Desktop\OTL.exe
[2011/10/16 06:31:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/16 06:31:06 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/15 16:42:07 | 069,556,252 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/10/15 16:33:05 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/10/15 16:27:27 | 003,900,592 | ---- | M] (AVG Technologies) -- C:\Users\RK\Desktop\avg_free_stb_all_2012_1831_cnet.exe
[2011/10/15 07:12:58 | 000,007,652 | -H-- | M] () -- C:\Users\RK\AppData\Local\Resmon.ResmonCfg
[2011/10/15 04:04:13 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\RK\Desktop\dds.scr
[2011/10/15 04:04:09 | 000,302,592 | ---- | M] () -- C:\Users\RK\Desktop\nznmbtqt.exe
[2011/10/14 20:00:27 | 000,001,718 | ---- | M] () -- C:\Users\RK\Desktop\Play League of Legends.lnk
[2011/10/14 17:20:05 | 000,000,398 | ---- | M] () -- C:\Users\RK\Desktop\cc_20111014_172000.reg
[2011/10/14 17:19:32 | 000,003,480 | ---- | M] () -- C:\Users\RK\Desktop\cc_20111014_171924.reg
[2011/10/14 17:18:59 | 000,152,988 | ---- | M] () -- C:\Users\RK\Desktop\cc_20111014_171836.reg
[2011/10/14 13:33:35 | 001,541,014 | ---- | M] () -- C:\Users\RK\Desktop\tdsskiller.zip
[2011/10/14 13:29:02 | 000,871,552 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/14 13:29:02 | 000,726,994 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/14 13:29:02 | 000,144,712 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/14 08:32:26 | 000,094,862 | ---- | M] () -- C:\Users\RK\Desktop\VundoFix_v6.5.0.zip
[2011/10/14 03:33:15 | 000,388,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/13 13:55:40 | 000,002,258 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/10/13 12:58:31 | 000,000,750 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/13 12:56:43 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\RK\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/01 22:11:06 | 000,002,058 | ---- | M] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/01 22:11:06 | 000,002,034 | ---- | M] () -- C:\Users\RK\Desktop\Mozilla Firefox.lnk
[2011/09/19 04:27:07 | 000,865,768 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== Files Created - No Company Name ==========
[2011/10/15 16:33:05 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/10/15 04:04:39 | 000,302,592 | ---- | C] () -- C:\Users\RK\Desktop\nznmbtqt.exe
[2011/10/14 20:00:27 | 000,001,718 | ---- | C] () -- C:\Users\RK\Desktop\Play League of Legends.lnk
[2011/10/14 17:20:03 | 000,000,398 | ---- | C] () -- C:\Users\RK\Desktop\cc_20111014_172000.reg
[2011/10/14 17:19:29 | 000,003,480 | ---- | C] () -- C:\Users\RK\Desktop\cc_20111014_171924.reg
[2011/10/14 17:18:40 | 000,152,988 | ---- | C] () -- C:\Users\RK\Desktop\cc_20111014_171836.reg
[2011/10/14 13:33:32 | 001,541,014 | ---- | C] () -- C:\Users\RK\Desktop\tdsskiller.zip
[2011/10/14 08:32:25 | 000,094,862 | ---- | C] () -- C:\Users\RK\Desktop\VundoFix_v6.5.0.zip
[2011/10/13 12:58:31 | 000,000,750 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/13 00:29:12 | 000,001,426 | -HS- | C] () -- C:\Users\RK\AppData\Local\deow1vg58852bdtc3g62w37712kpxb620d03722ipd
[2011/06/13 00:29:12 | 000,001,426 | -HS- | C] () -- C:\ProgramData\deow1vg58852bdtc3g62w37712kpxb620d03722ipd
[2011/06/10 23:43:05 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/21 13:52:37 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/04/15 14:19:14 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/04/02 00:20:31 | 000,000,239 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/01/04 02:13:41 | 000,003,584 | -H-- | C] () -- C:\Users\RK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/27 00:31:55 | 000,007,652 | -H-- | C] () -- C:\Users\RK\AppData\Local\Resmon.ResmonCfg
[2010/09/26 00:12:46 | 000,000,000 | -H-- | C] () -- C:\Users\RK\AppData\Local\prvlcl.dat
[2010/06/12 17:06:33 | 000,000,090 | -H-- | C] () -- C:\Users\RK\AppData\Local\fusioncache.dat
[2010/06/12 17:01:08 | 000,865,768 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/01/12 01:11:23 | 000,000,000 | ---- | C] () -- C:\Windows\iPlayer.INI
[2009/10/21 18:25:53 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/08/19 01:33:09 | 000,018,432 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009/08/19 01:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/28 22:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/10/22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
========== LOP Check ==========
[2011/09/17 12:10:39 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\.minecraft
[2011/10/13 13:53:36 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\33616
[2011/10/15 16:32:32 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\AVG2012
[2011/10/13 13:56:26 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\BA833
[2011/04/14 01:00:09 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\DarksporeData
[2010/12/17 23:49:44 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Dev-Cpp
[2011/10/14 13:29:37 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\DeviceDoctorSoftware
[2010/12/10 13:49:36 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Gbridge
[2010/07/27 04:33:00 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\GlarySoft
[2011/03/19 05:23:52 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\gtk-2.0
[2011/08/14 20:41:36 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\ImgBurn
[2011/03/31 16:40:25 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Leadertech
[2011/04/21 13:55:16 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Leawo
[2010/12/13 19:12:17 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Local
[2011/07/18 19:24:39 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\LolClient
[2011/03/31 16:48:26 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Memeo
[2011/04/21 13:55:18 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Moyea
[2011/01/24 02:34:15 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\mts
[2010/06/06 14:05:15 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Octoshape
[2010/01/11 01:13:34 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\OpenOffice.org
[2011/03/25 02:08:04 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Rainmeter
[2011/03/31 16:48:10 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Seagate
[2010/05/17 13:58:11 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\SystemRequirementsLab
[2011/04/13 15:39:06 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\TrueCrypt
[2010/06/12 17:07:27 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Turbine
[2011/07/26 16:02:55 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\uTorrent
[2011/10/13 12:42:44 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/13 18:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/13 18:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 18:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 18:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/13 18:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2010/11/20 06:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 06:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/10 23:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/10 23:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/10 23:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/10 23:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/10 23:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/10 23:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/13 18:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/07/13 18:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 06:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 06:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 05:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 05:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/13 18:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009/07/13 18:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/10 23:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/10 23:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/10 23:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/10 23:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/10 23:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/10 23:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 06:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 06:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/13 18:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/13 18:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 05:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 05:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 06:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 06:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\System32\config\*.sav >
< CREATERESTOREPOIN >
< End of report >

And here's the extras one:

OTL Extras logfile created on: 10/16/2011 6:36:28 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\RK\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.63 Gb Available Physical Memory | 65.77% Memory free
8.00 Gb Paging File | 6.54 Gb Available in Paging File | 81.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.52 Gb Total Space | 10.13 Gb Free Space | 13.60% Space Free | Partition Type: NTFS
Drive D: | 208.92 Gb Total Space | 71.58 Gb Free Space | 34.26% Space Free | Partition Type: NTFS
Drive E: | 7.17 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: RK-PC | User Name: RK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{2BEA2CD8-1A5D-4ADC-B000-C2A3207A6FCD}" = MobileMe Control Panel
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{48B0F24F-B828-4B1A-A22E-C65454B32A7A}" = Windows Live Family Safety
"{5349A735-7482-406F-9FE4-3BB24608479D}" = AVG 2012
"{64A3A4F4-B792-11D6-A78A-00B0D0160230}" = Java(TM) SE Development Kit 6 Update 23 (64-bit)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-0028-0404-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0804-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0401-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Arabic) 2007
"{90120000-002A-0404-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{90120000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
"{90120000-002A-041E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Thai) 2007
"{90120000-002A-041F-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Turkish) 2007
"{90120000-002A-0804-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Simplified)) 2007
"{90120000-002A-0816-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007
"{90120000-002A-0C04-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007
"{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B6EFD9A5-2ECE-4C22-BAEC-D16E73EA2013}" = iTunes
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{ED5E169E-490F-4F4C-B2BB-C89D510FA595}" = AVG 2012
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{331C520E-D8C3-4AB9-ADF7-A666A3561922}" = Alcor Micro USB Card Reader
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7D42B43A-EA63-4234-B00A-757C15B2B185}_is1" = Leawo AVI Converter version 3.1.0.0
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0401-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Arabic) 2007
"{90120000-0016-0401-0000-0000000FF1CE}_HOMESTUDENTR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0404-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0016-0404-0000-0000000FF1CE}_HOMESTUDENTR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
"{90120000-0016-0416-0000-0000000FF1CE}_HOMESTUDENTR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Thai) 2007
"{90120000-0016-041E-0000-0000000FF1CE}_HOMESTUDENTR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041F-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Turkish) 2007
"{90120000-0016-041F-0000-0000000FF1CE}_HOMESTUDENTR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0804-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Simplified)) 2007
"{90120000-0016-0804-0000-0000000FF1CE}_HOMESTUDENTR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007
"{90120000-0016-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C04-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0016-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0401-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Arabic) 2007
"{90120000-0018-0401-0000-0000000FF1CE}_HOMESTUDENTR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0404-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0018-0404-0000-0000000FF1CE}_HOMESTUDENTR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
"{90120000-0018-0416-0000-0000000FF1CE}_HOMESTUDENTR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Thai) 2007
"{90120000-0018-041E-0000-0000000FF1CE}_HOMESTUDENTR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041F-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Turkish) 2007
"{90120000-0018-041F-0000-0000000FF1CE}_HOMESTUDENTR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0804-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
"{90120000-0018-0804-0000-0000000FF1CE}_HOMESTUDENTR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007
"{90120000-0018-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C04-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0018-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0401-0000-0000000FF1CE}" = Microsoft Office Word MUI (Arabic) 2007
"{90120000-001B-0401-0000-0000000FF1CE}_HOMESTUDENTR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0404-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001B-0404-0000-0000000FF1CE}_HOMESTUDENTR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007
"{90120000-001B-0416-0000-0000000FF1CE}_HOMESTUDENTR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Thai) 2007
"{90120000-001B-041E-0000-0000000FF1CE}_HOMESTUDENTR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041F-0000-0000000FF1CE}" = Microsoft Office Word MUI (Turkish) 2007
"{90120000-001B-041F-0000-0000000FF1CE}_HOMESTUDENTR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0804-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Simplified)) 2007
"{90120000-001B-0804-0000-0000000FF1CE}_HOMESTUDENTR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007
"{90120000-001B-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C04-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001B-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0404-0000-0000000FF1CE}_HOMESTUDENTR_{33FA7680-10ED-444E-BC72-214064317283}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041E-0000-0000000FF1CE}" = Microsoft Office Proof (Thai) 2007
"{90120000-001F-041E-0000-0000000FF1CE}_HOMESTUDENTR_{0ED7C31A-FB21-4F8E-BD16-921A5E69B2C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041F-0000-0000000FF1CE}" = Microsoft Office Proof (Turkish) 2007
"{90120000-001F-041F-0000-0000000FF1CE}_HOMESTUDENTR_{CB71F1CB-4CC3-47DE-B003-40413E64FE10}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0804-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Simplified)) 2007
"{90120000-001F-0804-0000-0000000FF1CE}_HOMESTUDENTR_{82E853AD-6911-4EA9-9EB0-2F9BE7747878}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007
"{90120000-001F-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C312E1CD-EC19-4270-A072-F36F634DFF79}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0404-0000-0000000FF1CE}_HOMESTUDENTR_{5E6C6E79-40BE-491B-9ABF-C665667E1B07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0404-1000-0000000FF1CE}_HOMESTUDENTR_{1252D255-DB26-4F85-9F0F-D59B9DFE339E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Simplified)) 2007
"{90120000-0028-0804-0000-0000000FF1CE}_HOMESTUDENTR_{4029CB10-E410-41AD-BB3F-052C95243407}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0028-0804-1000-0000000FF1CE}_HOMESTUDENTR_{B45C4BDA-CDBB-4D65-8970-6ABB35BE81B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0401-1000-0000000FF1CE}_HOMESTUDENTR_{C1547C6B-A758-4270-964E-4EE8D323C99D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0404-1000-0000000FF1CE}_HOMESTUDENTR_{3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0416-1000-0000000FF1CE}_HOMESTUDENTR_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-041E-1000-0000000FF1CE}_HOMESTUDENTR_{CEB4C8D4-2A39-45FD-B201-FBC950549C59}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-041F-1000-0000000FF1CE}_HOMESTUDENTR_{5BAE8A52-83CD-4A7B-90B0-5EFB57FD78C8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0804-1000-0000000FF1CE}_HOMESTUDENTR_{A844CE03-EE56-4609-808D-946E33AA9236}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0816-1000-0000000FF1CE}_HOMESTUDENTR_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0C04-1000-0000000FF1CE}_HOMESTUDENTR_{364CCAC1-F404-461B-8025-8586FC7CA772}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0C0A-1000-0000000FF1CE}_HOMESTUDENTR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0401-0000-0000000FF1CE}" = Microsoft Office Proofing (Arabic) 2007
"{90120000-002C-0404-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007
"{90120000-002C-041E-0000-0000000FF1CE}" = Microsoft Office Proofing (Thai) 2007
"{90120000-002C-041F-0000-0000000FF1CE}" = Microsoft Office Proofing (Turkish) 2007
"{90120000-002C-0804-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Simplified)) 2007
"{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007
"{90120000-002C-0C04-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0401-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Arabic) 2007
"{90120000-006E-0401-0000-0000000FF1CE}_HOMESTUDENTR_{C1547C6B-A758-4270-964E-4EE8D323C99D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0404-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-006E-0404-0000-0000000FF1CE}_HOMESTUDENTR_{3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
"{90120000-006E-0416-0000-0000000FF1CE}_HOMESTUDENTR_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-041E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Thai) 2007
"{90120000-006E-041E-0000-0000000FF1CE}_HOMESTUDENTR_{CEB4C8D4-2A39-45FD-B201-FBC950549C59}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-041F-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Turkish) 2007
"{90120000-006E-041F-0000-0000000FF1CE}_HOMESTUDENTR_{5BAE8A52-83CD-4A7B-90B0-5EFB57FD78C8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0804-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Simplified)) 2007
"{90120000-006E-0804-0000-0000000FF1CE}_HOMESTUDENTR_{A844CE03-EE56-4609-808D-946E33AA9236}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007
"{90120000-006E-0816-0000-0000000FF1CE}_HOMESTUDENTR_{A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0C04-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-006E-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{364CCAC1-F404-461B-8025-8586FC7CA772}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{6113C11D-BACA-4D8E-8002-03C8D06FD5E6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0401-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Arabic) 2007
"{90120000-00A1-0401-0000-0000000FF1CE}_HOMESTUDENTR_{F3C3851B-43B8-4B86-89BA-ECAD6518AD22}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0404-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Chinese (Traditional)) 2007
"{90120000-00A1-0404-0000-0000000FF1CE}_HOMESTUDENTR_{E600B433-47CB-4AFC-90BF-2958E8E7EF99}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
"{90120000-00A1-0416-0000-0000000FF1CE}_HOMESTUDENTR_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-041E-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Thai) 2007
"{90120000-00A1-041E-0000-0000000FF1CE}_HOMESTUDENTR_{E84AA79E-3E58-4E65-92AC-38E929EB96DF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-041F-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Turkish) 2007
"{90120000-00A1-041F-0000-0000000FF1CE}_HOMESTUDENTR_{1FD10452-5023-4673-A939-7A2D1B4DCCB1}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0804-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Chinese (Simplified)) 2007
"{90120000-00A1-0804-0000-0000000FF1CE}_HOMESTUDENTR_{18EBA2E9-1310-46B3-91A2-536B0F314F2B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0816-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Portugal)) 2007
"{90120000-00A1-0816-0000-0000000FF1CE}_HOMESTUDENTR_{C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C04-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Chinese (Traditional)) 2007
"{90120000-00A1-0C04-0000-0000000FF1CE}_HOMESTUDENTR_{45EDF005-5D73-4D75-9BD7-3FC67DB6FD0D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A16B3EA2-8798-4960-8D8B-18D3149AD617}" = OpenOffice.org 3.1
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B1AAE4BF-C98E-467E-94C7-4E1F51DD86E0}" = Darkspore™
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D1D696-84A8-465A-BC61-CDAC852B24CD}_is1" = Pod to PC 3.085
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ASUS_Screensaver" = ASUS_Screensaver
"C2EAA141-9893-42FD-BD44-685EA6E2F588" = FreeStar Free DVD Ripper
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"DVD Flick_is1" = DVD Flick 1.3.0.7
"FileZilla Client" = FileZilla Client 3.3.0
"Gbridge" = Gbridge (remove only)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ImgBurn" = ImgBurn
"InstallShield_{331C520E-D8C3-4AB9-ADF7-A666A3561922}" = Alcor Micro USB Card Reader
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"jGRASP" = jGRASP
"Kindle Auto eBook Converter" = Kindle Auto eBook Converter 0.4.50
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.5.0 (Basic)
"LastFM_is1" = Last.fm 1.5.4.24567
"MakeMKV" = MakeMKV v1.6.14
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"Rainmeter" = Rainmeter
"StarCraft II" = StarCraft II
"Steam App 240" = Counter-Strike: Source
"Steam App 3590" = Plants vs. Zombies: Game of the Year
"Steam App 4000" = Garry's Mod
"Steam App 40930" = The Misadventures of P.B. Winterbottom
"Steam App 42910" = Magicka
"Steam App 440" = Team Fortress 2
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 620" = Portal 2
"Steam App 8980" = Borderlands
"The KMPlayer" = The KMPlayer (remove only)
"TrueCrypt" = TrueCrypt
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"1df0cdb088182ccc" = FOREXTraderPro
"CodeBlocks" = CodeBlocks
"Move Media Player" = Move Media Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10/6/2011 6:31:00 AM | Computer Name = RK-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10/6/2011 7:22:30 AM | Computer Name = RK-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10/6/2011 8:19:28 AM | Computer Name = RK-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10/7/2011 4:31:49 AM | Computer Name = RK-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10/7/2011 10:55:32 PM | Computer Name = RK-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10/8/2011 10:03:47 PM | Computer Name = RK-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10/10/2011 4:02:14 AM | Computer Name = RK-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10/10/2011 6:16:28 PM | Computer Name = RK-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "D:\Downloads D\SoftonicDownloader_for_clonedvd.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 10/10/2011 6:48:15 PM | Computer Name = RK-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 10/11/2011 3:22:48 AM | Computer Name = RK-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ Media Center Events ]
Error - 3/1/2011 1:27:32 PM | Computer Name = RK-PC | Source = MCUpdate | ID = 0
Description = 9:27:31 AM - Error connecting to the internet. 9:27:32 AM - Unable
to contact server..
Error - 3/1/2011 1:28:00 PM | Computer Name = RK-PC | Source = MCUpdate | ID = 0
Description = 9:27:49 AM - Error connecting to the internet. 9:27:49 AM - Unable
to contact server..
Error - 3/2/2011 3:07:40 AM | Computer Name = RK-PC | Source = MCUpdate | ID = 0
Description = 11:07:24 PM - Error connecting to the internet. 11:07:24 PM - Unable
to contact server..
Error - 3/3/2011 11:15:09 AM | Computer Name = RK-PC | Source = MCUpdate | ID = 0
Description = 7:15:09 AM - Error connecting to the internet. 7:15:09 AM - Unable
to contact server..
Error - 3/3/2011 11:15:23 AM | Computer Name = RK-PC | Source = MCUpdate | ID = 0
Description = 7:15:14 AM - Error connecting to the internet. 7:15:14 AM - Unable
to contact server..
[ System Events ]
Error - 10/15/2011 7:36:18 PM | Computer Name = RK-PC | Source = Service Control Manager | ID = 7003
Description = The SBSD Security Center Service service depends the following service:
wscsvc. This service might not be installed.
Error - 10/15/2011 7:36:24 PM | Computer Name = RK-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL
Error - 10/16/2011 2:25:03 AM | Computer Name = RK-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:52:34 PM on ?10/?15/?2011 was unexpected.
Error - 10/16/2011 2:25:13 AM | Computer Name = RK-PC | Source = Service Control Manager | ID = 7000
Description = The SAS Core Service service failed to start due to the following
error: %%2
Error - 10/16/2011 2:25:35 AM | Computer Name = RK-PC | Source = Service Control Manager | ID = 7003
Description = The SBSD Security Center Service service depends the following service:
wscsvc. This service might not be installed.
Error - 10/16/2011 2:25:41 AM | Computer Name = RK-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL
Error - 10/16/2011 9:31:08 AM | Computer Name = RK-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:36:49 AM on ?10/?16/?2011 was unexpected.
Error - 10/16/2011 9:31:16 AM | Computer Name = RK-PC | Source = Service Control Manager | ID = 7000
Description = The SAS Core Service service failed to start due to the following
error: %%2
Error - 10/16/2011 9:31:29 AM | Computer Name = RK-PC | Source = Service Control Manager | ID = 7003
Description = The SBSD Security Center Service service depends the following service:
wscsvc. This service might not be installed.
Error - 10/16/2011 9:31:41 AM | Computer Name = RK-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL
< End of report >
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
:Commands
[purity]
[emptyflash]
[emptytemp]
[resethosts]
[Reboot]
- Then click the Run Fix button at the top.
- Let the program run unhindered, reboot the PC when it is done.
- Post log from this run.
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Let me know how the PC is please.
Ok here's the log from the run and I'll post the quick scan log when it's done:
All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 56466 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: DefaultAppPool
->Flash cache emptied: 56466 bytes
User: Public
User: RK
->Flash cache emptied: 2856183 bytes
Total Flash Files Cleaned = 3.00 mb
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: Public
User: RK
->Temp folder emptied: 203164236 bytes
->Temporary Internet Files folder emptied: 2457929 bytes
->Java cache emptied: 54229350 bytes
->FireFox cache emptied: 52250574 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 21464 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 298.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.31.0 log created on 10172011_054539
Files\Folders moved on Reboot...
C:\Users\RK\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\RK\AppData\Local\Temp\~DF501F623A8117A4BB.TMP not found!
Registry entries deleted on Reboot...
Here's the quick scan:
OTL logfile created on: 10/17/2011 5:51:02 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\RK\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 60.12% Memory free
8.00 Gb Paging File | 6.30 Gb Available in Paging File | 78.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.52 Gb Total Space | 10.33 Gb Free Space | 13.87% Space Free | Partition Type: NTFS
Drive D: | 208.92 Gb Total Space | 71.56 Gb Free Space | 34.25% Space Free | Partition Type: NTFS
Drive E: | 7.17 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: RK-PC | User Name: RK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/10/16 06:34:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\RK\Desktop\OTL.exe
PRC - [2011/10/01 22:10:35 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/23 06:31:50 | 002,404,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/09/12 06:23:46 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/07/18 01:32:42 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011/07/07 19:31:08 | 000,259,848 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
PRC - [2011/07/07 19:31:06 | 000,391,944 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009/11/12 11:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/09/03 10:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/08/19 20:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/08/17 09:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/12 14:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/18 15:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 20:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
========== Modules (No Company Name) ==========
MOD - [2011/07/18 01:32:42 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2010/12/08 13:07:44 | 000,895,488 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Plus Web Player\libxml2.dll
MOD - [2009/11/12 11:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/09/03 10:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/09/15 13:21:58 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/10/13 11:26:35 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/12 06:23:46 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/11/20 05:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 05:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 05:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/04/30 07:47:00 | 000,014,088 | ---- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010/04/22 17:33:04 | 000,025,824 | ---- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/07/11 01:13:44 | 000,282,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/04/13 15:23:33 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011/04/12 11:45:50 | 000,018,432 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPub4DE3.sys -- (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/09 10:44:44 | 000,025,088 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPMo4DE3.sys -- (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/28 16:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/10/21 18:25:39 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2009/10/15 18:23:20 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/10/12 22:54:50 | 000,048,192 | ---- | M] (Gbridge LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gbridge64.sys -- (gbridge)
DRV:64bit: - [2009/10/05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/08/11 22:45:29 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/20 02:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 07:52:29 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/12 18:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/04/30 19:13:33 | 000,081,440 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/12/08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 11:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://asus.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57576
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=BABTDF&PC=BBLN&q="
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://google.com"
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z045&form=ZGAADF&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 57576
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\RK\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010/12/13 19:12:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010/12/13 19:12:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/10/15 16:33:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/01 22:10:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/20 13:24:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\RK\AppData\Roaming\Move Networks [2010/01/26 13:06:16 | 000,000,000 | ---D | M]
[2009/12/03 21:00:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RK\AppData\Roaming\Mozilla\Extensions
[2011/10/14 13:35:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RK\AppData\Roaming\Mozilla\Firefox\Profiles\lx9x5m0j.default\extensions
[2011/04/18 15:14:33 | 000,001,919 | ---- | M] () -- C:\Users\RK\AppData\Roaming\Mozilla\Firefox\Profiles\lx9x5m0j.default\searchplugins\bing-zugo.xml
[2011/01/17 19:50:00 | 000,001,832 | ---- | M] () -- C:\Users\RK\AppData\Roaming\Mozilla\Firefox\Profiles\lx9x5m0j.default\searchplugins\bing.xml
[2011/06/10 23:37:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/10 23:37:08 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/10/15 16:33:05 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
[2011/10/01 22:10:35 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/01 22:10:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
[2011/04/18 15:15:28 | 000,002,280 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
O1 HOSTS File: ([2011/10/17 05:46:15 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.69.150 68.87.85.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{723CF4EF-4862-4EB1-937F-BCB151323697}: DhcpNameServer = 68.87.69.150 68.87.85.102
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{600194f6-e952-11de-8489-90e6ba8605bf}\Shell - "" = AutoRun
O33 - MountPoints2\{600194f6-e952-11de-8489-90e6ba8605bf}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{d768edbd-babc-11df-998a-90e6ba8605bf}\Shell - "" = AutoRun
O33 - MountPoints2\{d768edbd-babc-11df-998a-90e6ba8605bf}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/17 05:45:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/10/16 06:34:18 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\RK\Desktop\OTL.exe
[2011/10/15 16:36:40 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Apple Computer
[2011/10/15 16:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011/10/15 16:32:32 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\AVG2012
[2011/10/15 16:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/10/15 16:27:27 | 003,900,592 | ---- | C] (AVG Technologies) -- C:\Users\RK\Desktop\avg_free_stb_all_2012_1831_cnet.exe
[2011/10/15 04:04:32 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\RK\Desktop\dds.scr
[2011/10/14 13:40:33 | 000,000,000 | ---D | C] -- C:\Users\RK\Desktop\SAS
[2011/10/14 13:36:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/10/14 13:35:01 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\SUPERAntiSpyware.com
[2011/10/14 13:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/10/14 13:33:45 | 000,000,000 | ---D | C] -- C:\Users\RK\Desktop\tdsskiller
[2011/10/14 13:29:37 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\DeviceDoctorSoftware
[2011/10/14 08:32:56 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2011/10/14 08:32:50 | 000,000,000 | ---D | C] -- C:\Users\RK\Desktop\VundoFix_v6.5.0
[2011/10/13 12:56:48 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\RK\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/13 12:38:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\33616
[2011/10/11 14:03:51 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\33616
[2011/10/11 14:03:24 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\BA833
========== Files - Modified Within 30 Days ==========
[2011/10/17 05:55:26 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/17 05:55:26 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/17 05:47:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/17 05:47:36 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/17 05:46:15 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/10/17 00:47:30 | 106,726,746 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/10/16 06:34:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\RK\Desktop\OTL.exe
[2011/10/15 16:33:05 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/10/15 16:27:27 | 003,900,592 | ---- | M] (AVG Technologies) -- C:\Users\RK\Desktop\avg_free_stb_all_2012_1831_cnet.exe
[2011/10/15 07:12:58 | 000,007,652 | -H-- | M] () -- C:\Users\RK\AppData\Local\Resmon.ResmonCfg
[2011/10/15 04:04:13 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\RK\Desktop\dds.scr
[2011/10/15 04:04:09 | 000,302,592 | ---- | M] () -- C:\Users\RK\Desktop\nznmbtqt.exe
[2011/10/14 20:00:27 | 000,001,718 | ---- | M] () -- C:\Users\RK\Desktop\Play League of Legends.lnk
[2011/10/14 17:20:05 | 000,000,398 | ---- | M] () -- C:\Users\RK\Desktop\cc_20111014_172000.reg
[2011/10/14 17:19:32 | 000,003,480 | ---- | M] () -- C:\Users\RK\Desktop\cc_20111014_171924.reg
[2011/10/14 17:18:59 | 000,152,988 | ---- | M] () -- C:\Users\RK\Desktop\cc_20111014_171836.reg
[2011/10/14 13:33:35 | 001,541,014 | ---- | M] () -- C:\Users\RK\Desktop\tdsskiller.zip
[2011/10/14 13:29:02 | 000,871,552 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/14 13:29:02 | 000,726,994 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/14 13:29:02 | 000,144,712 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/14 08:32:26 | 000,094,862 | ---- | M] () -- C:\Users\RK\Desktop\VundoFix_v6.5.0.zip
[2011/10/14 03:33:15 | 000,388,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/13 13:55:40 | 000,002,258 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/10/13 12:58:31 | 000,000,750 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/13 12:56:43 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\RK\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/01 22:11:06 | 000,002,058 | ---- | M] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/01 22:11:06 | 000,002,034 | ---- | M] () -- C:\Users\RK\Desktop\Mozilla Firefox.lnk
[2011/09/19 04:27:07 | 000,865,768 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== Files Created - No Company Name ==========
[2011/10/15 16:33:05 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/10/15 04:04:39 | 000,302,592 | ---- | C] () -- C:\Users\RK\Desktop\nznmbtqt.exe
[2011/10/14 20:00:27 | 000,001,718 | ---- | C] () -- C:\Users\RK\Desktop\Play League of Legends.lnk
[2011/10/14 17:20:03 | 000,000,398 | ---- | C] () -- C:\Users\RK\Desktop\cc_20111014_172000.reg
[2011/10/14 17:19:29 | 000,003,480 | ---- | C] () -- C:\Users\RK\Desktop\cc_20111014_171924.reg
[2011/10/14 17:18:40 | 000,152,988 | ---- | C] () -- C:\Users\RK\Desktop\cc_20111014_171836.reg
[2011/10/14 13:33:32 | 001,541,014 | ---- | C] () -- C:\Users\RK\Desktop\tdsskiller.zip
[2011/10/14 08:32:25 | 000,094,862 | ---- | C] () -- C:\Users\RK\Desktop\VundoFix_v6.5.0.zip
[2011/10/13 12:58:31 | 000,000,750 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/13 00:29:12 | 000,001,426 | -HS- | C] () -- C:\Users\RK\AppData\Local\deow1vg58852bdtc3g62w37712kpxb620d03722ipd
[2011/06/13 00:29:12 | 000,001,426 | -HS- | C] () -- C:\ProgramData\deow1vg58852bdtc3g62w37712kpxb620d03722ipd
[2011/06/10 23:43:05 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/21 13:52:37 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/04/15 14:19:14 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/04/02 00:20:31 | 000,000,239 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/01/04 02:13:41 | 000,003,584 | -H-- | C] () -- C:\Users\RK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/27 00:31:55 | 000,007,652 | -H-- | C] () -- C:\Users\RK\AppData\Local\Resmon.ResmonCfg
[2010/09/26 00:12:46 | 000,000,000 | -H-- | C] () -- C:\Users\RK\AppData\Local\prvlcl.dat
[2010/06/12 17:06:33 | 000,000,090 | -H-- | C] () -- C:\Users\RK\AppData\Local\fusioncache.dat
[2010/06/12 17:01:08 | 000,865,768 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/01/12 01:11:23 | 000,000,000 | ---- | C] () -- C:\Windows\iPlayer.INI
[2009/10/21 18:25:53 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/08/19 01:33:09 | 000,018,432 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009/08/19 01:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/28 22:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/10/22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
========== LOP Check ==========
[2011/09/17 12:10:39 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\.minecraft
[2011/10/13 13:53:36 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\33616
[2011/10/15 16:32:32 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\AVG2012
[2011/10/13 13:56:26 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\BA833
[2011/04/14 01:00:09 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\DarksporeData
[2010/12/17 23:49:44 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Dev-Cpp
[2011/10/14 13:29:37 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\DeviceDoctorSoftware
[2010/12/10 13:49:36 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Gbridge
[2010/07/27 04:33:00 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\GlarySoft
[2011/03/19 05:23:52 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\gtk-2.0
[2011/08/14 20:41:36 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\ImgBurn
[2011/03/31 16:40:25 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Leadertech
[2011/04/21 13:55:16 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Leawo
[2010/12/13 19:12:17 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Local
[2011/07/18 19:24:39 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\LolClient
[2011/03/31 16:48:26 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Memeo
[2011/04/21 13:55:18 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Moyea
[2011/01/24 02:34:15 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\mts
[2010/06/06 14:05:15 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Octoshape
[2010/01/11 01:13:34 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\OpenOffice.org
[2011/03/25 02:08:04 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Rainmeter
[2011/03/31 16:48:10 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Seagate
[2010/05/17 13:58:11 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\SystemRequirementsLab
[2011/04/13 15:39:06 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\TrueCrypt
[2010/06/12 17:07:27 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Turbine
[2011/07/26 16:02:55 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\uTorrent
[2011/10/13 12:42:44 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Here's the quick scan:
OTL logfile created on: 10/17/2011 5:51:02 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\RK\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 60.12% Memory free
8.00 Gb Paging File | 6.30 Gb Available in Paging File | 78.73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.52 Gb Total Space | 10.33 Gb Free Space | 13.87% Space Free | Partition Type: NTFS
Drive D: | 208.92 Gb Total Space | 71.56 Gb Free Space | 34.25% Space Free | Partition Type: NTFS
Drive E: | 7.17 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: RK-PC | User Name: RK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/10/16 06:34:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\RK\Desktop\OTL.exe
PRC - [2011/10/01 22:10:35 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/23 06:31:50 | 002,404,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/09/12 06:23:46 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/07/18 01:32:42 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011/07/07 19:31:08 | 000,259,848 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
PRC - [2011/07/07 19:31:06 | 000,391,944 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009/11/12 11:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/09/03 10:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/08/19 20:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/08/17 09:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/12 14:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/18 15:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 20:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
========== Modules (No Company Name) ==========
MOD - [2011/07/18 01:32:42 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2010/12/08 13:07:44 | 000,895,488 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Plus Web Player\libxml2.dll
MOD - [2009/11/12 11:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/09/03 10:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/09/15 13:21:58 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2007/08/08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/10/13 11:26:35 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/12 06:23:46 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/11/20 05:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 05:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 05:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/04/30 07:47:00 | 000,014,088 | ---- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010/04/22 17:33:04 | 000,025,824 | ---- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/03/31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/07/11 01:13:44 | 000,282,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/04/13 15:23:33 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011/04/12 11:45:50 | 000,018,432 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPub4DE3.sys -- (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/09 10:44:44 | 000,025,088 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPMo4DE3.sys -- (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/28 16:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/10/21 18:25:39 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2009/10/15 18:23:20 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/10/12 22:54:50 | 000,048,192 | ---- | M] (Gbridge LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gbridge64.sys -- (gbridge)
DRV:64bit: - [2009/10/05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/08/11 22:45:29 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/20 02:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/22 07:52:29 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/12 18:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/04/30 19:13:33 | 000,081,440 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/12/08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 11:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://asus.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:57576
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=BABTDF&PC=BBLN&q="
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://google.com"
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z045&form=ZGAADF&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 57576
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\RK\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010/12/13 19:12:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010/12/13 19:12:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/10/15 16:33:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/01 22:10:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/20 13:24:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\RK\AppData\Roaming\Move Networks [2010/01/26 13:06:16 | 000,000,000 | ---D | M]
[2009/12/03 21:00:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RK\AppData\Roaming\Mozilla\Extensions
[2011/10/14 13:35:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RK\AppData\Roaming\Mozilla\Firefox\Profiles\lx9x5m0j.default\extensions
[2011/04/18 15:14:33 | 000,001,919 | ---- | M] () -- C:\Users\RK\AppData\Roaming\Mozilla\Firefox\Profiles\lx9x5m0j.default\searchplugins\bing-zugo.xml
[2011/01/17 19:50:00 | 000,001,832 | ---- | M] () -- C:\Users\RK\AppData\Roaming\Mozilla\Firefox\Profiles\lx9x5m0j.default\searchplugins\bing.xml
[2011/06/10 23:37:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/10 23:37:08 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/10/15 16:33:05 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
[2011/10/01 22:10:35 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/01 22:10:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
[2011/04/18 15:15:28 | 000,002,280 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
O1 HOSTS File: ([2011/10/17 05:46:15 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.69.150 68.87.85.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{723CF4EF-4862-4EB1-937F-BCB151323697}: DhcpNameServer = 68.87.69.150 68.87.85.102
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{600194f6-e952-11de-8489-90e6ba8605bf}\Shell - "" = AutoRun
O33 - MountPoints2\{600194f6-e952-11de-8489-90e6ba8605bf}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{d768edbd-babc-11df-998a-90e6ba8605bf}\Shell - "" = AutoRun
O33 - MountPoints2\{d768edbd-babc-11df-998a-90e6ba8605bf}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/17 05:45:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/10/16 06:34:18 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\RK\Desktop\OTL.exe
[2011/10/15 16:36:40 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Apple Computer
[2011/10/15 16:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011/10/15 16:32:32 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\AVG2012
[2011/10/15 16:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/10/15 16:27:27 | 003,900,592 | ---- | C] (AVG Technologies) -- C:\Users\RK\Desktop\avg_free_stb_all_2012_1831_cnet.exe
[2011/10/15 04:04:32 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\RK\Desktop\dds.scr
[2011/10/14 13:40:33 | 000,000,000 | ---D | C] -- C:\Users\RK\Desktop\SAS
[2011/10/14 13:36:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/10/14 13:35:01 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\SUPERAntiSpyware.com
[2011/10/14 13:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/10/14 13:33:45 | 000,000,000 | ---D | C] -- C:\Users\RK\Desktop\tdsskiller
[2011/10/14 13:29:37 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\DeviceDoctorSoftware
[2011/10/14 08:32:56 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2011/10/14 08:32:50 | 000,000,000 | ---D | C] -- C:\Users\RK\Desktop\VundoFix_v6.5.0
[2011/10/13 12:56:48 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\RK\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/13 12:38:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\33616
[2011/10/11 14:03:51 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\33616
[2011/10/11 14:03:24 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\BA833
========== Files - Modified Within 30 Days ==========
[2011/10/17 05:55:26 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/17 05:55:26 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/17 05:47:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/17 05:47:36 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/17 05:46:15 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/10/17 00:47:30 | 106,726,746 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/10/16 06:34:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\RK\Desktop\OTL.exe
[2011/10/15 16:33:05 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/10/15 16:27:27 | 003,900,592 | ---- | M] (AVG Technologies) -- C:\Users\RK\Desktop\avg_free_stb_all_2012_1831_cnet.exe
[2011/10/15 07:12:58 | 000,007,652 | -H-- | M] () -- C:\Users\RK\AppData\Local\Resmon.ResmonCfg
[2011/10/15 04:04:13 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\RK\Desktop\dds.scr
[2011/10/15 04:04:09 | 000,302,592 | ---- | M] () -- C:\Users\RK\Desktop\nznmbtqt.exe
[2011/10/14 20:00:27 | 000,001,718 | ---- | M] () -- C:\Users\RK\Desktop\Play League of Legends.lnk
[2011/10/14 17:20:05 | 000,000,398 | ---- | M] () -- C:\Users\RK\Desktop\cc_20111014_172000.reg
[2011/10/14 17:19:32 | 000,003,480 | ---- | M] () -- C:\Users\RK\Desktop\cc_20111014_171924.reg
[2011/10/14 17:18:59 | 000,152,988 | ---- | M] () -- C:\Users\RK\Desktop\cc_20111014_171836.reg
[2011/10/14 13:33:35 | 001,541,014 | ---- | M] () -- C:\Users\RK\Desktop\tdsskiller.zip
[2011/10/14 13:29:02 | 000,871,552 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/14 13:29:02 | 000,726,994 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/14 13:29:02 | 000,144,712 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/14 08:32:26 | 000,094,862 | ---- | M] () -- C:\Users\RK\Desktop\VundoFix_v6.5.0.zip
[2011/10/14 03:33:15 | 000,388,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/13 13:55:40 | 000,002,258 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/10/13 12:58:31 | 000,000,750 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/13 12:56:43 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\RK\Desktop\mbam-setup-1.51.2.1300.exe
[2011/10/01 22:11:06 | 000,002,058 | ---- | M] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/01 22:11:06 | 000,002,034 | ---- | M] () -- C:\Users\RK\Desktop\Mozilla Firefox.lnk
[2011/09/19 04:27:07 | 000,865,768 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== Files Created - No Company Name ==========
[2011/10/15 16:33:05 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011/10/15 04:04:39 | 000,302,592 | ---- | C] () -- C:\Users\RK\Desktop\nznmbtqt.exe
[2011/10/14 20:00:27 | 000,001,718 | ---- | C] () -- C:\Users\RK\Desktop\Play League of Legends.lnk
[2011/10/14 17:20:03 | 000,000,398 | ---- | C] () -- C:\Users\RK\Desktop\cc_20111014_172000.reg
[2011/10/14 17:19:29 | 000,003,480 | ---- | C] () -- C:\Users\RK\Desktop\cc_20111014_171924.reg
[2011/10/14 17:18:40 | 000,152,988 | ---- | C] () -- C:\Users\RK\Desktop\cc_20111014_171836.reg
[2011/10/14 13:33:32 | 001,541,014 | ---- | C] () -- C:\Users\RK\Desktop\tdsskiller.zip
[2011/10/14 08:32:25 | 000,094,862 | ---- | C] () -- C:\Users\RK\Desktop\VundoFix_v6.5.0.zip
[2011/10/13 12:58:31 | 000,000,750 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/13 00:29:12 | 000,001,426 | -HS- | C] () -- C:\Users\RK\AppData\Local\deow1vg58852bdtc3g62w37712kpxb620d03722ipd
[2011/06/13 00:29:12 | 000,001,426 | -HS- | C] () -- C:\ProgramData\deow1vg58852bdtc3g62w37712kpxb620d03722ipd
[2011/06/10 23:43:05 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/21 13:52:37 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/04/15 14:19:14 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/04/02 00:20:31 | 000,000,239 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/01/04 02:13:41 | 000,003,584 | -H-- | C] () -- C:\Users\RK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/27 00:31:55 | 000,007,652 | -H-- | C] () -- C:\Users\RK\AppData\Local\Resmon.ResmonCfg
[2010/09/26 00:12:46 | 000,000,000 | -H-- | C] () -- C:\Users\RK\AppData\Local\prvlcl.dat
[2010/06/12 17:06:33 | 000,000,090 | -H-- | C] () -- C:\Users\RK\AppData\Local\fusioncache.dat
[2010/06/12 17:01:08 | 000,865,768 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/01/12 01:11:23 | 000,000,000 | ---- | C] () -- C:\Windows\iPlayer.INI
[2009/10/21 18:25:53 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/08/19 01:33:09 | 000,018,432 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009/08/19 01:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/28 22:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/10/22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
========== LOP Check ==========
[2011/09/17 12:10:39 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\.minecraft
[2011/10/13 13:53:36 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\33616
[2011/10/15 16:32:32 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\AVG2012
[2011/10/13 13:56:26 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\BA833
[2011/04/14 01:00:09 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\DarksporeData
[2010/12/17 23:49:44 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Dev-Cpp
[2011/10/14 13:29:37 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\DeviceDoctorSoftware
[2010/12/10 13:49:36 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Gbridge
[2010/07/27 04:33:00 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\GlarySoft
[2011/03/19 05:23:52 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\gtk-2.0
[2011/08/14 20:41:36 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\ImgBurn
[2011/03/31 16:40:25 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Leadertech
[2011/04/21 13:55:16 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Leawo
[2010/12/13 19:12:17 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Local
[2011/07/18 19:24:39 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\LolClient
[2011/03/31 16:48:26 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Memeo
[2011/04/21 13:55:18 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Moyea
[2011/01/24 02:34:15 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\mts
[2010/06/06 14:05:15 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Octoshape
[2010/01/11 01:13:34 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\OpenOffice.org
[2011/03/25 02:08:04 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Rainmeter
[2011/03/31 16:48:10 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Seagate
[2010/05/17 13:58:11 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\SystemRequirementsLab
[2011/04/13 15:39:06 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\TrueCrypt
[2010/06/12 17:07:27 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Turbine
[2011/07/26 16:02:55 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\uTorrent
[2011/10/13 12:42:44 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Was there anything else you were wanting me to post?
Sorry for missing your post. No idea how that happened.
How are things at the moment?
Things are still going the same. I reinstalled Windows completely and upon booting up the computer again I found that all the same problems are still persisting as before.
If you did a complete reformat then installed Windows, I cannot see how nothing has changed.
Are you sure you didn't just do a repair?
Please Run the ESET Online Scanner and post the ScanLog with your post for assistance.
- You will need to use Internet Explorer to complete this scan.
- You will need to temporarily Disable your current Anti-virus program.
- Be sure the option to Remove found threats is Un-checked at this time (we may have it clean what it finds at a later time), and the option to Scan unwanted applications is Checked.
- When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.
NOTE: If you are unable to complete the ESET scan, please try another from the list below:
• Kaspersky Online Scanner
• Panda Active Scan
• Trend Micro HouseCall
• F-Secure Online Virus Scanner
The scan completed but this is all the scanlog has in it:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
Can you try one of the other scanners please. Kaspersky, preferably.
Ok, I tried the Kaspersky link and it said not found, so I googled it and the site said that it's updating the online scanner, so I think it's not up at the moment. I ran the Panda one and wasn't sure if there was a scan log saved anywhere, but I do have the event list here:
Panda Antivirus Pro 2012 incident report
Filter selected:All, Date: All
INCIDENT NOTIFIED BY DATE-TIME RESULT ADDITIONAL INFORMATION
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Scan complete On-demand antivirus scan 11/15/2011 12:43:39 AM Scan: Scanning the whole system
Spyware detected: Cookie/Mediaplex On-demand antivirus scan 11/14/2011 11:14:08 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\xv0aq02x.txt
Spyware detected: Cookie/FastClick On-demand antivirus scan 11/14/2011 11:14:08 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\u3xycsqe.txt
Spyware detected: Cookie/BurstNet On-demand antivirus scan 11/14/2011 11:14:07 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\rx82pdmk.txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 11/14/2011 11:14:07 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\mi9s3tv2.txt
Spyware detected: Cookie/YieldManager On-demand antivirus scan 11/14/2011 11:14:07 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\lp6kgk3e.txt
Spyware detected: Cookie/Apmebf On-demand antivirus scan 11/14/2011 11:14:07 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\kz9ffsh0.txt
Spyware detected: Cookie/Doubleclick On-demand antivirus scan 11/14/2011 11:14:06 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\f2qpq7yh.txt
Spyware detected: Cookie/Apmebf On-demand antivirus scan 11/14/2011 11:14:06 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\dx6ch7xs.txt
Spyware detected: Cookie/Advertising On-demand antivirus scan 11/14/2011 11:14:06 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\cupb66bb.txt
Spyware detected: Cookie/Tribalfusion On-demand antivirus scan 11/14/2011 11:14:05 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\bv28nxd7.txt
Spyware detected: Cookie/RealMedia On-demand antivirus scan 11/14/2011 11:14:05 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\b9t84ap6.txt
Spyware detected: Cookie/Advertising On-demand antivirus scan 11/14/2011 11:14:05 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\alfa2yg5.txt
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 11/14/2011 11:14:05 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\720ssbce.txt
Spyware detected: Cookie/QuestionMarket On-demand antivirus scan 11/14/2011 11:14:05 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\5zabue4s.txt
Spyware detected: Cookie/YieldManager On-demand antivirus scan 11/14/2011 11:14:05 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\4g0xnx4z.txt
Spyware detected: Cookie/PointRoll On-demand antivirus scan 11/14/2011 11:14:05 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\3r8f3a3u.txt
Scan started On-demand antivirus scan 11/14/2011 11:06:15 PM Scan: Scanning the whole system
Scan complete On-demand antivirus scan 11/14/2011 9:20:40 PM Scan: Scanning System
Scan complete On-demand antivirus scan 11/14/2011 9:20:15 PM Scan:
Update Updates system 11/14/2011 9:16:47 PM Correct Type: Identity protection
Update Updates system 11/14/2011 9:16:39 PM Correct File modification signatures
Scan started On-demand antivirus scan 11/14/2011 9:16:38 PM Scan:
Update Updates system 11/14/2011 9:16:35 PM Incorrect Error: Error in the download process
Update Updates system 11/14/2011 9:16:33 PM Incorrect Error: Error in the download process
Update Updates system 11/14/2011 9:16:23 PM Correct File: Threat signatures
Scan started On-demand antivirus scan 11/14/2011 9:15:45 PM Scan: Scanning System
Spyware detected: Cookie/Casalemedia On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\zolv06zc.txt
Spyware detected: Cookie/PointRoll On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\z84rtt41.txt
Spyware detected: Cookie/QuestionMarket On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\yzjl1pfi.txt
Spyware detected: Cookie/QuestionMarket On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\yquc0a7m.txt
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\y8qy8hp7.txt
Spyware detected: Cookie/YieldManager On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\xv40w1np.txt
Spyware detected: Cookie/Mediaplex On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\xdkfmft5.txt
Spyware detected: Cookie/RealMedia On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\xdhnyq2w.txt
Spyware detected: Cookie/PointRoll On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\x1uhiorp.txt
Spyware detected: Cookie/FastClick On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\wd3mhj04.txt
Spyware detected: Cookie/Traffic Mar... On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\vt9jzx4z.txt
Spyware detected: Cookie/Apmebf On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\vg0d7mei.txt
Spyware detected: Cookie/Smartadserver On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\u9mtw4sx.txt
Spyware detected: Cookie/RealMedia On-demand antivirus scan 11/14/2011 9:10:29 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\u4nf2cht.txt
Spyware detected: Cookie/Atwola On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\u0gz8atp.txt
Spyware detected: Cookie/PointRoll On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\soe83xa5.txt
Spyware detected: Cookie/Tribalfusion On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\si6j65f2.txt
Spyware detected: Cookie/Mediaplex On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\ryvzl5kb.txt
Spyware detected: Cookie/Doubleclick On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\r88jyx3b.txt
Spyware detected: Cookie/Advertising On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\r4g7qjrq.txt
Spyware detected: Cookie/FastClick On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\qjgoyje4.txt
Spyware detected: Cookie/QuestionMarket On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\qcxky77m.txt
Spyware detected: Cookie/Doubleclick On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\q6vw926n.txt
Spyware detected: Cookie/FastClick On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\pt9ixgww.txt
Spyware detected: Cookie/Tribalfusion On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\pfydkz08.txt
Spyware detected: Cookie/YieldManager On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\pfrym54o.txt
Spyware detected: Cookie/Statcounter On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\pedzt0lw.txt
Spyware detected: Cookie/Casalemedia On-demand antivirus scan 11/14/2011 9:10:28 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\p7f3ezk2.txt
Spyware detected: Cookie/BurstNet On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\p1zit9ju.txt
Spyware detected: Cookie/Casalemedia On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\oljcofww.txt
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\lp2v40bo.txt
Spyware detected: Cookie/YieldManager On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\lme5d2vb.txt
Spyware detected: Cookie/Mediaplex On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\lft2gtwp.txt
Spyware detected: Cookie/Casalemedia On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\ke2txz8y.txt
Spyware detected: Cookie/Advertising On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\jylaeoiu.txt
Spyware detected: Cookie/FastClick On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\jk4xnxh3.txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\jbeg92f3.txt
Spyware detected: Cookie/QuestionMarket On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\j1gyc28y.txt
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\ivqh3xw5.txt
Spyware detected: Cookie/Zedo On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\iqto52ul.txt
Spyware detected: Cookie/Advertising On-demand antivirus scan 11/14/2011 9:10:27 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\iko1nsv1.txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 11/14/2011 9:10:26 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\gz28x62r.txt
Spyware detected: Cookie/Apmebf On-demand antivirus scan 11/14/2011 9:10:26 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\frz4tl5c.txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 11/14/2011 9:10:26 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\exg0smql.txt
Spyware detected: Cookie/Overture On-demand antivirus scan 11/14/2011 9:10:26 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\el7ni7te.txt
Spyware detected: Cookie/YieldManager On-demand antivirus scan 11/14/2011 9:10:26 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\e3fw5tfm.txt
Spyware detected: Cookie/Advertising On-demand antivirus scan 11/14/2011 9:10:26 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\drt7q1fa.txt
Spyware detected: Cookie/Mediaplex On-demand antivirus scan 11/14/2011 9:10:26 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\ct7tfdpk.txt
Spyware detected: Cookie/PointRoll On-demand antivirus scan 11/14/2011 9:10:26 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\c9ncxugc.txt
Spyware detected: Cookie/QuestionMarket On-demand antivirus scan 11/14/2011 9:10:26 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\c7h1qlbm.txt
Spyware detected: Cookie/YieldManager On-demand antivirus scan 11/14/2011 9:10:26 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\c3s11b9m.txt
Spyware detected: Cookie/Statcounter On-demand antivirus scan 11/14/2011 9:10:26 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\bxpyyb18.txt
Spyware detected: Cookie/RealMedia On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\bvuq0zhx.txt
Spyware detected: Cookie/WebtrendsLive On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\bv0qcxsf.txt
Spyware detected: Cookie/RealMedia On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\an20qjam.txt
Spyware detected: Cookie/Zedo On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\a7uu0yw3.txt
Spyware detected: Cookie/RealMedia On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\a01y8dp5.txt
Spyware detected: Cookie/Doubleclick On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\9xbu0v8j.txt
Spyware detected: Cookie/RealMedia On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\9a2pnhxc.txt
Spyware detected: Cookie/Tribalfusion On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\8o2ryyrb.txt
Spyware detected: Cookie/Apmebf On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\8gm3r8xa.txt
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\7254i7yk.txt
Spyware detected: Cookie/BurstNet On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\6pwmk493.txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\1aw7fi8c.txt
Spyware detected: Cookie/PointRoll On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\0szqtuqh.txt
Spyware detected: Cookie/Apmebf On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\6ntvcrdy.txt
Spyware detected: Cookie/QuestionMarket On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\62f4rjva.txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\5pghf2ln.txt
Spyware detected: Cookie/Doubleclick On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\5ceck69v.txt
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\59m7bjvm.txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\4tfi8r5o.txt
Spyware detected: Cookie/RealMedia On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\4e8dy54i.txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\49zrjbfa.txt
Spyware detected: Cookie/QuestionMarket On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\3uyemnl8.txt
Spyware detected: Cookie/Doubleclick On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\2yjc0fkz.txt
Spyware detected: Cookie/FastClick On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\27gret32.txt
Spyware detected: Cookie/Advertising On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\20z4fobz.txt
Spyware detected: Cookie/Serving-sys On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\1tokxjab.txt
Spyware detected: Cookie/Mediaplex On-demand antivirus scan 11/14/2011 9:10:25 PM Deleted Path: c:\users\rk\appdata\roaming\microsoft\windows\cookies\0iolq6vz.txt
Scan started On-demand antivirus scan 11/14/2011 9:03:04 PM Scan: Scanning the whole system
Nothing but a bunch of cookies there.
Can you tell me how you reinstalled Windows exactly? Did you zero the drive first?
I have an ASUS laptop and it came with a Windows recovery disc. I used that, and it said it was going to completely remove everything on the computer in the process. Also, on a side note, I just finished the Panda online scanner and here's the full report if it helps:
Scanning Report
Tuesday, November 15, 2011 01:22:39 - 04:48:21
Computer name: RK-PC
Scanning type: Scan system for malware, spyware and rootkits
Target: C:\
2 malware found
Stealth_file (virus)
C:\ADSM_PDATA_0150\DRAGWAIT.EXE (Not cleaned & Submitted)
Stealth_file (virus)
C:\ADSM_PDATA_0150\_AVT (Not cleaned & Submitted)
Statistics
Scanned:
Files: 77220
System: 5553
Not scanned: 20
Actions:
Disinfected: 0
Renamed: 0
Deleted: 0
Not cleaned: 2
Submitted: 2
Files not scanned:
C:\HIBERFIL.SYS
C:\PAGEFILE.SYS
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
C:\WINDOWS\SYSTEM32\CONFIG\SAM
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\DEFAULT
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SAM
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SYSTEM
C:\WINDOWS\SYSTEM32\CATROOT2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\CATDB
C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SECURITY
C:\WINDOWS\SYSTEM32\CATROOT2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATDB
C:\USERS\RK\APPDATA\LOCAL\TEMP\HSPERFDATA_RK\5624
C:\USERS\RK\APPDATA\LOCAL\TEMP\HSPERFDATA_RK\2092
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C42266709A475524DFDC89A6E5C291C7_BE2FC24E-4D1F-48BD-9A27-FED31EF085CB
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5DE231DDA3474A55827ED043C3C5B42D_BE2FC24E-4D1F-48BD-9A27-FED31EF085CB
C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E9AF8C2D3942C282E1753DC47BD2E90D_BE2FC24E-4D1F-48BD-9A27-FED31EF085CB
C:\BOOT\BCD
Options
Scanning engines:
Scanning options:
Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
Use advanced heuristics
Sorry, that's actually the F-Secure scanner report I just posted.
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:Files
C:\ADSM_PDATA_0150
:OTL
:Commands
[purity]
[emptyflash]
[emptytemp]
[Reboot]
- Then click the Run Fix button at the top.
- Let the program run unhindered, reboot the PC when it is done.
- Post log from this run.
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Ok here's the fix log:
All processes killed
========== FILES ==========
File\Folder C:\ADSM_PDATA_0150 not found.
========== OTL ==========
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: RK
->Flash cache emptied: 6720 bytes
Total Flash Files Cleaned = 0.00 mb
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: RK
->Temp folder emptied: 458430383 bytes
->Temporary Internet Files folder emptied: 166011895 bytes
->Java cache emptied: 40484 bytes
->FireFox cache emptied: 84491492 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98514377 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 770.00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 11172011_035512
Files\Folders moved on Reboot...
C:\Users\RK\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
And here's the quick scan log:
OTL logfile created on: 11/17/2011 4:02:41 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\RK\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 54.91% Memory free
8.00 Gb Paging File | 5.91 Gb Available in Paging File | 73.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.44 Gb Total Space | 242.60 Gb Free Space | 85.59% Space Free | Partition Type: NTFS
Computer Name: RK-PC | User Name: RK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/11/17 03:53:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\RK\Downloads\OTL.exe
PRC - [2011/11/04 22:53:18 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/11/02 11:46:51 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011/11/02 09:51:32 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/04/14 07:07:56 | 000,173,888 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe
PRC - [2011/04/13 08:06:56 | 001,000,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\ApVxdWin.exe
PRC - [2010/10/20 15:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe
PRC - [2010/08/16 14:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\psksvc.exe
PRC - [2010/06/04 10:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe
PRC - [2010/05/28 13:42:32 | 000,225,600 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\AVENGINE.EXE
PRC - [2010/04/22 18:29:12 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\WebProxy.exe
PRC - [2009/09/10 17:08:38 | 000,461,440 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
PRC - [2009/09/03 09:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/08/19 19:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/08/17 08:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/12 13:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrlS.exe
PRC - [2009/07/24 09:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/06/24 11:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 09:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 16:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/18 14:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/12/22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/13 20:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 19:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe
PRC - [2008/03/31 01:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2008/02/04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe
PRC - [2007/11/30 10:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/07 23:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
========== Modules (No Company Name) ==========
MOD - [2011/11/12 21:51:36 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/04 22:53:18 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/11/02 11:46:51 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2009/09/10 17:09:20 | 000,060,032 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Recovery\RecoveryDVDLang.dll
MOD - [2009/09/03 09:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/07/24 09:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/03/09 09:29:12 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Recovery\LogonStart.dll
MOD - [2007/11/30 10:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/15 09:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/01 16:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2007/02/14 13:55:12 | 000,165,424 | ---- | M] () -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\MiniCrypto.dll
MOD - [2004/05/19 11:33:12 | 000,507,904 | ---- | M] () -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\LIBXML2.DLL
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/09/03 16:59:50 | 000,359,040 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/07 23:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/04/14 07:07:56 | 000,173,888 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe -- (TPSrv)
SRV - [2010/10/20 15:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2010/08/16 14:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe -- (PskSvcRetail)
SRV - [2010/06/04 10:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe -- (PAVSRV)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009/06/15 16:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/03/31 01:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2008/02/04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/11/02 09:51:57 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2011/03/10 22:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/06/22 18:20:18 | 000,030,792 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2010/05/21 13:50:50 | 000,065,608 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\amm6460.sys -- (AmFSM)
DRV:64bit: - [2009/10/27 12:07:42 | 000,048,136 | ---- | M] (Panda Security, S.L.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ShldFlt.sys -- (ShldFlt)
DRV:64bit: - [2009/10/15 16:23:20 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/09/05 06:10:20 | 001,536,512 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 01:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 02:15:56 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/22 06:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/12 17:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/04/30 18:13:34 | 000,081,440 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/05/23 16:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 10:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 60 AA D8 10 A5 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/12 12:20:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011/11/12 12:21:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RK\AppData\Roaming\Mozilla\Extensions
[2011/11/15 01:12:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/15 01:12:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/11/04 22:53:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/04 19:21:03 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/04 19:21:03 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.69.150 68.87.85.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5480706B-5368-44B2-A6B8-BEF8BB75B340}: DhcpNameServer = 68.87.69.150 68.87.85.102
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\avldr: DllName - (avldr64.dll) - C:\Windows\SysNative\avldr64.dll (On-Access Anti-Malware Scanner Sync)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/11/17 03:55:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/15 01:22:46 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\f-secure
[2011/11/15 01:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2011/11/15 01:12:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/11/14 22:11:30 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Adobe
[2011/11/14 21:00:09 | 000,000,000 | ---D | C] -- C:\Windows\FltMgr
[2011/11/14 20:59:56 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Panda Security
[2011/11/14 20:58:30 | 000,030,792 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys
[2011/11/14 20:57:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Antivirus Pro 2012
[2011/11/14 20:57:32 | 000,046,640 | ---- | C] (Panda Software) -- C:\Windows\SysNative\pavcpl64.cpl
[2011/11/14 20:57:07 | 000,446,464 | ---- | C] (eHelp Corporation.) -- C:\Windows\SysWow64\HHActiveX.dll
[2011/11/14 20:57:06 | 000,839,488 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavSHook64.dll
[2011/11/14 20:57:06 | 000,546,624 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavSHookWow.dll
[2011/11/14 20:57:06 | 000,323,392 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\TpUtil64.dll
[2011/11/14 20:57:06 | 000,202,048 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\TpUtilWow.dll
[2011/11/14 20:57:06 | 000,114,496 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavLspHook64.dll
[2011/11/14 20:57:06 | 000,090,944 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavIpc64.dll
[2011/11/14 20:57:06 | 000,087,872 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavLspHookWow.dll
[2011/11/14 20:57:06 | 000,066,880 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavIpcWow.dll
[2011/11/14 20:57:06 | 000,025,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\sysHelper64.dll
[2011/11/14 20:57:06 | 000,025,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\sysHelper32.dll
[2011/11/14 20:57:05 | 000,065,608 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\amm6460.sys
[2011/11/14 20:57:05 | 000,064,768 | ---- | C] (On-Access Anti-Malware Scanner Sync) -- C:\Windows\SysNative\avldr64.dll
[2011/11/14 20:57:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\PAV
[2011/11/14 20:57:05 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Panda Security
[2011/11/14 20:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011/11/14 20:57:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2011/11/14 20:47:09 | 000,048,136 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\ShldFlt.sys
[2011/11/14 20:47:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Panda Security
[2011/11/14 02:01:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/11/12 12:20:56 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Mozilla
[2011/11/12 12:20:56 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Mozilla
[2011/11/12 12:20:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/11/12 11:19:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/11/10 02:53:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/11/09 14:36:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/11/05 01:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/11/05 01:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/11/05 01:15:56 | 000,000,000 | ---D | C] -- C:\7c9a29b1c56c2c7f8c83e3ab1d
[2011/11/05 01:03:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011/11/05 01:03:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011/11/02 12:35:50 | 000,000,000 | ---D | C] -- C:\Users\RK\riotsGamesLogs
[2011/11/02 12:35:38 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\LolClient
[2011/11/02 12:27:06 | 000,000,000 | ---D | C] -- C:\Riot Games
[2011/11/02 12:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011/11/02 11:48:11 | 000,000,000 | ---D | C] -- C:\Users\RK\Desktop\LeagueOfLegends
[2011/11/02 11:47:42 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\PMB Files
[2011/11/02 11:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/11/02 11:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011/11/02 10:56:25 | 004,649,472 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\ETDUI.cpl
[2011/11/02 10:56:25 | 000,117,760 | ---- | C] (ELAN Microelectronic Corp.) -- C:\Windows\SysNative\drivers\ETD.sys
[2011/11/02 10:48:06 | 000,000,000 | ---D | C] -- C:\Users\RK\Documents\ASUS
[2011/11/02 10:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2011/11/02 10:47:54 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\ASUS
[2011/11/02 10:40:16 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\SRS Labs
[2011/11/02 10:35:55 | 000,000,000 | R--D | C] -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/11/02 10:35:55 | 000,000,000 | R--D | C] -- C:\Users\RK\Searches
[2011/11/02 10:35:55 | 000,000,000 | R--D | C] -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/11/02 10:35:55 | 000,000,000 | -H-D | C] -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/11/02 10:35:39 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Identities
[2011/11/02 10:35:35 | 000,000,000 | R--D | C] -- C:\Users\RK\Contacts
[2011/11/02 10:31:45 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Macromedia
[2011/11/02 10:31:14 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Adobe
[2011/11/02 10:30:51 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\VirtualStore
[2011/11/02 10:30:27 | 000,000,000 | --SD | C] -- C:\Users\RK\AppData\Roaming\Microsoft
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Videos
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Saved Games
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Pictures
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Music
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Links
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Favorites
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Downloads
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Documents
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Desktop
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\AppData\Local\Temporary Internet Files
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Templates
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Start Menu
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\SendTo
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Recent
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\PrintHood
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\NetHood
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Documents\My Videos
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Documents\My Pictures
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Documents\My Music
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\My Documents
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Local Settings
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\AppData\Local\History
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Cookies
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Application Data
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\AppData\Local\Application Data
[2011/11/02 10:30:27 | 000,000,000 | -H-D | C] -- C:\Users\RK\AppData
[2011/11/02 10:30:27 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Temp
[2011/11/02 10:30:27 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Microsoft
[2011/11/02 10:30:27 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Media Center Programs
[2011/11/02 10:26:39 | 001,536,512 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2011/11/02 10:19:12 | 000,062,976 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\nvapo64v.dll
[2011/11/02 10:17:16 | 000,019,008 | ---- | C] (Chicony (C) 2006 ATC) -- C:\Windows\DrvInst.exe
[2011/11/02 10:13:27 | 000,015,416 | ---- | C] ( ) -- C:\Windows\SysNative\drivers\kbfiltr.sys
[2011/11/02 10:13:25 | 000,015,928 | ---- | C] (ASUS) -- C:\Windows\SysNative\drivers\ATK64AMD.sys
[2011/11/02 10:00:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/11/02 09:51:57 | 000,035,384 | ---- | C] (ASUSTek Computer Inc) -- C:\Windows\SysNative\drivers\AsDsm.sys
[2011/11/02 09:51:41 | 000,359,040 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\FBAgent.exe
[2011/11/02 09:51:41 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2011/11/02 09:51:34 | 000,520,192 | ---- | C] (ScreenTime Media) -- C:\Windows\SysWow64\ASUS_Screensaver.scr
[2011/11/02 09:51:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ASUS_Screensaver dir
[2011/11/02 09:51:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/11/02 09:51:31 | 003,058,304 | ---- | C] (ASUS) -- C:\Windows\AsScrPro.exe
[2011/11/02 09:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/11/02 09:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/11/02 09:50:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/11/02 09:50:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/11/02 09:50:44 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2011/11/02 09:49:59 | 000,183,296 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\ACEngSvr.exe
[2011/11/02 09:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2011/11/02 09:49:37 | 000,000,000 | ---D | C] -- C:\ProgramData\P4G
[2011/11/02 09:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\P4G
[2011/11/02 09:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2011/11/02 09:49:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2011/11/02 09:48:48 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2011/11/02 09:48:06 | 000,215,040 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011/11/02 09:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
[2011/11/02 09:47:37 | 000,000,000 | ---D | C] -- C:\Program Files\SRS Labs
[2011/11/02 09:47:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2011/11/02 09:47:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011/11/02 09:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/11/02 09:47:14 | 000,363,008 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011/11/02 09:47:14 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011/11/02 09:47:14 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011/11/02 09:47:14 | 000,198,656 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011/11/02 09:47:14 | 000,095,744 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011/11/02 09:47:14 | 000,073,216 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011/11/02 09:47:13 | 000,294,912 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011/11/02 09:47:13 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011/11/02 09:47:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011/11/02 09:47:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011/11/02 09:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2011/11/02 09:46:40 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/11/02 09:46:40 | 000,000,000 | ---D | C] -- C:\Program Files\ATKGFNEX
[2011/11/02 09:45:36 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/11/02 09:32:47 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/11/02 09:27:08 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2011/11/17 04:04:56 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/17 04:04:56 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/17 04:04:34 | 005,187,648 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/17 04:04:34 | 000,702,600 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011/11/17 04:04:34 | 000,701,624 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2011/11/17 04:04:34 | 000,687,512 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2011/11/17 04:04:34 | 000,671,974 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2011/11/17 04:04:34 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/17 04:04:34 | 000,618,372 | ---- | M] () -- C:\Windows\SysNative\perfh01F.dat
[2011/11/17 04:04:34 | 000,386,040 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2011/11/17 04:04:34 | 000,137,196 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2011/11/17 04:04:34 | 000,133,886 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2011/11/17 04:04:34 | 000,130,274 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011/11/17 04:04:34 | 000,128,228 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2011/11/17 04:04:34 | 000,121,660 | ---- | M] () -- C:\Windows\SysNative\perfc01F.dat
[2011/11/17 04:04:34 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/17 04:04:34 | 000,099,468 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2011/11/17 03:58:15 | 000,000,032 | ---- | M] () -- C:\Windows\SysNative\BootTime.ini
[2011/11/17 03:57:36 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2011/11/17 03:57:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/17 03:57:27 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/16 15:12:18 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2011/11/16 04:41:56 | 432,246,064 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/11/14 23:03:16 | 000,001,568 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/11/14 23:03:14 | 000,001,157 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/11/14 20:58:39 | 000,002,115 | ---- | M] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Antivirus Pro 2012.lnk
[2011/11/14 20:58:39 | 000,000,262 | ---- | M] () -- C:\Windows\SysNative\PavCPL64.dat
[2011/11/14 01:56:39 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2011/11/14 01:47:33 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2011/11/12 12:20:49 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/11/10 03:08:29 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/02 12:31:21 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2011/11/02 10:54:44 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_K70IC.alu
[2011/11/02 10:40:06 | 000,001,443 | ---- | M] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/02 10:28:47 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/11/02 10:28:47 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/11/02 10:00:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_K61IC_K70IC_V20_WIN7.MRK
[2011/11/02 09:57:59 | 000,002,595 | ---- | M] () -- C:\Users\Public\Desktop\AI Recovery Burner.lnk
[2011/11/02 09:55:59 | 000,001,106 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tmchlang.lnk
[2011/11/02 09:52:13 | 000,001,236 | ---- | M] () -- C:\Users\Public\Desktop\ASUS Data Security Manager.Lnk
[2011/11/02 09:51:57 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) -- C:\Windows\SysNative\drivers\AsDsm.sys
[2011/11/02 09:51:49 | 000,002,595 | ---- | M] () -- C:\Users\Public\Desktop\ControlDeck.lnk
[2011/11/02 09:51:34 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\Windows\SysWow64\ASUS_Screensaver.scr
[2011/11/02 09:51:32 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
[2011/11/02 09:50:54 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/11/02 09:50:44 | 000,002,617 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
[2011/11/02 09:50:32 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\LifeFrame.lnk
[2011/11/02 09:50:22 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\ASUS MultiFrame.lnk
[2011/11/02 09:49:59 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Splendid Utility.Lnk
[2011/11/02 09:49:46 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\SmartLogon Manager.lnk
[2011/11/02 09:47:37 | 000,002,855 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
========== Files Created - No Company Name ==========
[2011/11/14 21:16:31 | 000,008,627 | ---- | C] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2011/11/14 20:58:39 | 000,002,115 | ---- | C] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Antivirus Pro 2012.lnk
[2011/11/14 20:58:39 | 000,000,262 | ---- | C] () -- C:\Windows\SysNative\PavCPL64.dat
[2011/11/14 02:01:21 | 432,246,064 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/11/12 12:20:49 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/11/12 12:20:49 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/11/02 12:31:21 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2011/11/02 10:54:44 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_K70IC.alu
[2011/11/02 10:40:06 | 000,001,415 | ---- | C] () -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/11/02 10:39:49 | 000,001,449 | ---- | C] () -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/11/02 10:30:54 | 000,001,443 | ---- | C] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/02 10:30:27 | 000,000,290 | ---- | C] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/11/02 10:30:27 | 000,000,272 | ---- | C] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/11/02 10:26:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\1043_ASUSTEK_K61IC_K70IC_V20_WIN7.MRK
[2011/11/02 10:19:12 | 000,001,407 | ---- | C] () -- C:\Windows\SysNative\nvhda.nvu
[2011/11/02 10:19:04 | 000,010,744 | ---- | C] () -- C:\Windows\SysNative\nvdisp.nvu
[2011/11/02 10:18:07 | 000,001,383 | ---- | C] () -- C:\Windows\SysNative\nvsmu.nvu
[2011/11/02 10:17:16 | 001,806,400 | ---- | C] () -- C:\Windows\SysNative\drivers\snp2uvc.sys
[2011/11/02 10:17:16 | 000,042,176 | ---- | C] () -- C:\Windows\SysNative\drivers\sncduvc.sys
[2011/11/02 10:17:15 | 000,002,266 | ---- | C] () -- C:\Windows\Uninstvga.bat
[2011/11/02 10:17:15 | 000,002,008 | ---- | C] () -- C:\Windows\Uninstsxga.bat
[2011/11/02 10:17:15 | 000,001,682 | ---- | C] () -- C:\Windows\Uninstuxga.bat
[2011/11/02 10:17:15 | 000,000,386 | ---- | C] () -- C:\Windows\Uninstuxga.reg
[2011/11/02 10:17:15 | 000,000,386 | ---- | C] () -- C:\Windows\Uninstsxga.reg
[2011/11/02 10:17:15 | 000,000,384 | ---- | C] () -- C:\Windows\Uninstvga.reg
[2011/11/02 10:13:30 | 000,000,014 | ---- | C] () -- C:\RECOVERY.DAT
[2011/11/02 10:13:29 | 001,048,576 | RH-- | C] () -- C:\K70IC.BIN
[2011/11/02 10:13:29 | 000,000,019 | ---- | C] () -- C:\K61IC_K70IC_WIN7.20
[2011/11/02 10:00:35 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_K61IC_K70IC_V20_WIN7.MRK
[2011/11/02 09:58:01 | 000,003,116 | ---- | C] () -- C:\Windows\SysNative\wimfltr.inf
[2011/11/02 09:58:00 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2011/11/02 09:57:59 | 000,002,595 | ---- | C] () -- C:\Users\Public\Desktop\AI Recovery Burner.lnk
[2011/11/02 09:55:59 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tmchlang.lnk
[2011/11/02 09:52:13 | 000,001,236 | ---- | C] () -- C:\Users\Public\Desktop\ASUS Data Security Manager.Lnk
[2011/11/02 09:51:49 | 000,002,595 | ---- | C] () -- C:\Users\Public\Desktop\ControlDeck.lnk
[2011/11/02 09:51:41 | 000,274,560 | ---- | C] () -- C:\Windows\SysNative\GetBootTime.dll
[2011/11/02 09:51:41 | 000,001,568 | ---- | C] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/11/02 09:51:41 | 000,001,157 | ---- | C] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/11/02 09:51:41 | 000,000,105 | ---- | C] () -- C:\Windows\SysNative\FastBoot.ini
[2011/11/02 09:51:41 | 000,000,080 | ---- | C] () -- C:\Windows\SysNative\Defrag.ini
[2011/11/02 09:51:41 | 000,000,052 | ---- | C] () -- C:\Windows\SysNative\RemoveFont.ini
[2011/11/02 09:51:41 | 000,000,032 | ---- | C] () -- C:\Windows\SysNative\BootTime.ini
[2011/11/02 09:51:21 | 000,001,011 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
[2011/11/02 09:50:54 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/11/02 09:50:54 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/11/02 09:50:44 | 000,002,617 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
[2011/11/02 09:50:32 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\LifeFrame.lnk
[2011/11/02 09:50:22 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\ASUS MultiFrame.lnk
[2011/11/02 09:49:59 | 000,001,110 | ---- | C] () -- C:\Users\Public\Desktop\Splendid Utility.Lnk
[2011/11/02 09:49:46 | 000,001,150 | ---- | C] () -- C:\Users\Public\Desktop\SmartLogon Manager.lnk
[2011/11/02 09:48:06 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011/11/02 09:47:37 | 000,002,855 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
[2011/11/02 09:47:17 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\SamSfPa.dat
[2011/11/02 09:27:08 | 3220,647,936 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/28 21:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2011/11/15 01:22:46 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\f-secure
[2011/11/02 12:35:38 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\LolClient
[2011/11/14 20:57:05 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Panda Security
[2009/07/13 21:08:49 | 000,009,184 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >

And here's the quick scan log:

OTL logfile created on: 11/17/2011 4:02:41 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\RK\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 54.91% Memory free
8.00 Gb Paging File | 5.91 Gb Available in Paging File | 73.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.44 Gb Total Space | 242.60 Gb Free Space | 85.59% Space Free | Partition Type: NTFS
Computer Name: RK-PC | User Name: RK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/11/17 03:53:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\RK\Downloads\OTL.exe
PRC - [2011/11/04 22:53:18 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/11/02 11:46:51 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011/11/02 09:51:32 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/04/14 07:07:56 | 000,173,888 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe
PRC - [2011/04/13 08:06:56 | 001,000,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\ApVxdWin.exe
PRC - [2010/10/20 15:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe
PRC - [2010/08/16 14:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\psksvc.exe
PRC - [2010/06/04 10:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe
PRC - [2010/05/28 13:42:32 | 000,225,600 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\AVENGINE.EXE
PRC - [2010/04/22 18:29:12 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\WebProxy.exe
PRC - [2009/09/10 17:08:38 | 000,461,440 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
PRC - [2009/09/03 09:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/08/19 19:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/08/17 08:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/12 13:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrlS.exe
PRC - [2009/07/24 09:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/06/24 11:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 09:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 16:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/18 14:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/12/22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/13 20:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 19:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe
PRC - [2008/03/31 01:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2008/02/04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe
PRC - [2007/11/30 10:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/07 23:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
========== Modules (No Company Name) ==========
MOD - [2011/11/12 21:51:36 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/04 22:53:18 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/11/02 11:46:51 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2009/09/10 17:09:20 | 000,060,032 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Recovery\RecoveryDVDLang.dll
MOD - [2009/09/03 09:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/07/24 09:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/03/09 09:29:12 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Recovery\LogonStart.dll
MOD - [2007/11/30 10:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/15 09:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/01 16:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2007/02/14 13:55:12 | 000,165,424 | ---- | M] () -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\MiniCrypto.dll
MOD - [2004/05/19 11:33:12 | 000,507,904 | ---- | M] () -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\LIBXML2.DLL
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/09/03 16:59:50 | 000,359,040 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/07 23:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/04/14 07:07:56 | 000,173,888 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\TPSrvWow.exe -- (TPSrv)
SRV - [2010/10/20 15:49:18 | 000,202,048 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2010/08/16 14:54:46 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PskSvc.exe -- (PskSvcRetail)
SRV - [2010/06/04 10:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\pavsrvx86.exe -- (PAVSRV)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009/06/15 16:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/19 12:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/03/31 01:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2008/02/04 17:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/11/02 09:51:57 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2011/03/10 22:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/06/22 18:20:18 | 000,030,792 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2010/05/21 13:50:50 | 000,065,608 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\amm6460.sys -- (AmFSM)
DRV:64bit: - [2009/10/27 12:07:42 | 000,048,136 | ---- | M] (Panda Security, S.L.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\ShldFlt.sys -- (ShldFlt)
DRV:64bit: - [2009/10/15 16:23:20 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/09/05 06:10:20 | 001,536,512 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 01:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 02:15:56 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/22 06:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/12 17:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/04/30 18:13:34 | 000,081,440 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/05/23 16:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 10:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 60 AA D8 10 A5 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/12 12:20:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011/11/12 12:21:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RK\AppData\Roaming\Mozilla\Extensions
[2011/11/15 01:12:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/15 01:12:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/11/04 22:53:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/04 19:21:03 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/04 19:21:03 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2012\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.69.150 68.87.85.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5480706B-5368-44B2-A6B8-BEF8BB75B340}: DhcpNameServer = 68.87.69.150 68.87.85.102
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\avldr: DllName - (avldr64.dll) - C:\Windows\SysNative\avldr64.dll (On-Access Anti-Malware Scanner Sync)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/11/17 03:55:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/15 01:22:46 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\f-secure
[2011/11/15 01:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2011/11/15 01:12:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/11/14 22:11:30 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Adobe
[2011/11/14 21:00:09 | 000,000,000 | ---D | C] -- C:\Windows\FltMgr
[2011/11/14 20:59:56 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Panda Security
[2011/11/14 20:58:30 | 000,030,792 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys
[2011/11/14 20:57:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Antivirus Pro 2012
[2011/11/14 20:57:32 | 000,046,640 | ---- | C] (Panda Software) -- C:\Windows\SysNative\pavcpl64.cpl
[2011/11/14 20:57:07 | 000,446,464 | ---- | C] (eHelp Corporation.) -- C:\Windows\SysWow64\HHActiveX.dll
[2011/11/14 20:57:06 | 000,839,488 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavSHook64.dll
[2011/11/14 20:57:06 | 000,546,624 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavSHookWow.dll
[2011/11/14 20:57:06 | 000,323,392 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\TpUtil64.dll
[2011/11/14 20:57:06 | 000,202,048 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\TpUtilWow.dll
[2011/11/14 20:57:06 | 000,114,496 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavLspHook64.dll
[2011/11/14 20:57:06 | 000,090,944 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\PavIpc64.dll
[2011/11/14 20:57:06 | 000,087,872 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavLspHookWow.dll
[2011/11/14 20:57:06 | 000,066,880 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\PavIpcWow.dll
[2011/11/14 20:57:06 | 000,025,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\sysHelper64.dll
[2011/11/14 20:57:06 | 000,025,344 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysWow64\sysHelper32.dll
[2011/11/14 20:57:05 | 000,065,608 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\amm6460.sys
[2011/11/14 20:57:05 | 000,064,768 | ---- | C] (On-Access Anti-Malware Scanner Sync) -- C:\Windows\SysNative\avldr64.dll
[2011/11/14 20:57:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\PAV
[2011/11/14 20:57:05 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Panda Security
[2011/11/14 20:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011/11/14 20:57:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2011/11/14 20:47:09 | 000,048,136 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\ShldFlt.sys
[2011/11/14 20:47:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Panda Security
[2011/11/14 02:01:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/11/12 12:20:56 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Mozilla
[2011/11/12 12:20:56 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Mozilla
[2011/11/12 12:20:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/11/12 11:19:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/11/10 02:53:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/11/09 14:36:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011/11/05 01:16:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/11/05 01:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/11/05 01:15:56 | 000,000,000 | ---D | C] -- C:\7c9a29b1c56c2c7f8c83e3ab1d
[2011/11/05 01:03:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011/11/05 01:03:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011/11/02 12:35:50 | 000,000,000 | ---D | C] -- C:\Users\RK\riotsGamesLogs
[2011/11/02 12:35:38 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\LolClient
[2011/11/02 12:27:06 | 000,000,000 | ---D | C] -- C:\Riot Games
[2011/11/02 12:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011/11/02 11:48:11 | 000,000,000 | ---D | C] -- C:\Users\RK\Desktop\LeagueOfLegends
[2011/11/02 11:47:42 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\PMB Files
[2011/11/02 11:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/11/02 11:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011/11/02 10:56:25 | 004,649,472 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\ETDUI.cpl
[2011/11/02 10:56:25 | 000,117,760 | ---- | C] (ELAN Microelectronic Corp.) -- C:\Windows\SysNative\drivers\ETD.sys
[2011/11/02 10:48:06 | 000,000,000 | ---D | C] -- C:\Users\RK\Documents\ASUS
[2011/11/02 10:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2011/11/02 10:47:54 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\ASUS
[2011/11/02 10:40:16 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\SRS Labs
[2011/11/02 10:35:55 | 000,000,000 | R--D | C] -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/11/02 10:35:55 | 000,000,000 | R--D | C] -- C:\Users\RK\Searches
[2011/11/02 10:35:55 | 000,000,000 | R--D | C] -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/11/02 10:35:55 | 000,000,000 | -H-D | C] -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/11/02 10:35:39 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Identities
[2011/11/02 10:35:35 | 000,000,000 | R--D | C] -- C:\Users\RK\Contacts
[2011/11/02 10:31:45 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Macromedia
[2011/11/02 10:31:14 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Adobe
[2011/11/02 10:30:51 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\VirtualStore
[2011/11/02 10:30:27 | 000,000,000 | --SD | C] -- C:\Users\RK\AppData\Roaming\Microsoft
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Videos
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Saved Games
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Pictures
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Music
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Links
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Favorites
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Downloads
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Documents
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\Desktop
[2011/11/02 10:30:27 | 000,000,000 | R--D | C] -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\AppData\Local\Temporary Internet Files
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Templates
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Start Menu
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\SendTo
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Recent
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\PrintHood
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\NetHood
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Documents\My Videos
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Documents\My Pictures
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Documents\My Music
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\My Documents
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Local Settings
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\AppData\Local\History
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Cookies
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\Application Data
[2011/11/02 10:30:27 | 000,000,000 | -HSD | C] -- C:\Users\RK\AppData\Local\Application Data
[2011/11/02 10:30:27 | 000,000,000 | -H-D | C] -- C:\Users\RK\AppData
[2011/11/02 10:30:27 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Temp
[2011/11/02 10:30:27 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Local\Microsoft
[2011/11/02 10:30:27 | 000,000,000 | ---D | C] -- C:\Users\RK\AppData\Roaming\Media Center Programs
[2011/11/02 10:26:39 | 001,536,512 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2011/11/02 10:19:12 | 000,062,976 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\nvapo64v.dll
[2011/11/02 10:17:16 | 000,019,008 | ---- | C] (Chicony (C) 2006 ATC) -- C:\Windows\DrvInst.exe
[2011/11/02 10:13:27 | 000,015,416 | ---- | C] ( ) -- C:\Windows\SysNative\drivers\kbfiltr.sys
[2011/11/02 10:13:25 | 000,015,928 | ---- | C] (ASUS) -- C:\Windows\SysNative\drivers\ATK64AMD.sys
[2011/11/02 10:00:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/11/02 09:51:57 | 000,035,384 | ---- | C] (ASUSTek Computer Inc) -- C:\Windows\SysNative\drivers\AsDsm.sys
[2011/11/02 09:51:41 | 000,359,040 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\FBAgent.exe
[2011/11/02 09:51:41 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2011/11/02 09:51:34 | 000,520,192 | ---- | C] (ScreenTime Media) -- C:\Windows\SysWow64\ASUS_Screensaver.scr
[2011/11/02 09:51:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ASUS_Screensaver dir
[2011/11/02 09:51:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/11/02 09:51:31 | 003,058,304 | ---- | C] (ASUS) -- C:\Windows\AsScrPro.exe
[2011/11/02 09:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/11/02 09:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/11/02 09:50:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/11/02 09:50:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/11/02 09:50:44 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2011/11/02 09:49:59 | 000,183,296 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\ACEngSvr.exe
[2011/11/02 09:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2011/11/02 09:49:37 | 000,000,000 | ---D | C] -- C:\ProgramData\P4G
[2011/11/02 09:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\P4G
[2011/11/02 09:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2011/11/02 09:49:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2011/11/02 09:48:48 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2011/11/02 09:48:06 | 000,215,040 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011/11/02 09:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
[2011/11/02 09:47:37 | 000,000,000 | ---D | C] -- C:\Program Files\SRS Labs
[2011/11/02 09:47:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2011/11/02 09:47:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011/11/02 09:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/11/02 09:47:14 | 000,363,008 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011/11/02 09:47:14 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011/11/02 09:47:14 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011/11/02 09:47:14 | 000,198,656 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011/11/02 09:47:14 | 000,095,744 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011/11/02 09:47:14 | 000,073,216 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011/11/02 09:47:13 | 000,294,912 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011/11/02 09:47:13 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011/11/02 09:47:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011/11/02 09:47:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011/11/02 09:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2011/11/02 09:46:40 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/11/02 09:46:40 | 000,000,000 | ---D | C] -- C:\Program Files\ATKGFNEX
[2011/11/02 09:45:36 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/11/02 09:32:47 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/11/02 09:27:08 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2011/11/17 04:04:56 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/17 04:04:56 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/17 04:04:34 | 005,187,648 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/17 04:04:34 | 000,702,600 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011/11/17 04:04:34 | 000,701,624 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2011/11/17 04:04:34 | 000,687,512 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2011/11/17 04:04:34 | 000,671,974 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2011/11/17 04:04:34 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/17 04:04:34 | 000,618,372 | ---- | M] () -- C:\Windows\SysNative\perfh01F.dat
[2011/11/17 04:04:34 | 000,386,040 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2011/11/17 04:04:34 | 000,137,196 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2011/11/17 04:04:34 | 000,133,886 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2011/11/17 04:04:34 | 000,130,274 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011/11/17 04:04:34 | 000,128,228 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2011/11/17 04:04:34 | 000,121,660 | ---- | M] () -- C:\Windows\SysNative\perfc01F.dat
[2011/11/17 04:04:34 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/17 04:04:34 | 000,099,468 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2011/11/17 03:58:15 | 000,000,032 | ---- | M] () -- C:\Windows\SysNative\BootTime.ini
[2011/11/17 03:57:36 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2011/11/17 03:57:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/17 03:57:27 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/16 15:12:18 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2011/11/16 04:41:56 | 432,246,064 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/11/14 23:03:16 | 000,001,568 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/11/14 23:03:14 | 000,001,157 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/11/14 20:58:39 | 000,002,115 | ---- | M] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Antivirus Pro 2012.lnk
[2011/11/14 20:58:39 | 000,000,262 | ---- | M] () -- C:\Windows\SysNative\PavCPL64.dat
[2011/11/14 01:56:39 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2011/11/14 01:47:33 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2011/11/12 12:20:49 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/11/10 03:08:29 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/02 12:31:21 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2011/11/02 10:54:44 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_K70IC.alu
[2011/11/02 10:40:06 | 000,001,443 | ---- | M] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/02 10:28:47 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/11/02 10:28:47 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/11/02 10:00:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_K61IC_K70IC_V20_WIN7.MRK
[2011/11/02 09:57:59 | 000,002,595 | ---- | M] () -- C:\Users\Public\Desktop\AI Recovery Burner.lnk
[2011/11/02 09:55:59 | 000,001,106 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tmchlang.lnk
[2011/11/02 09:52:13 | 000,001,236 | ---- | M] () -- C:\Users\Public\Desktop\ASUS Data Security Manager.Lnk
[2011/11/02 09:51:57 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) -- C:\Windows\SysNative\drivers\AsDsm.sys
[2011/11/02 09:51:49 | 000,002,595 | ---- | M] () -- C:\Users\Public\Desktop\ControlDeck.lnk
[2011/11/02 09:51:34 | 000,520,192 | ---- | M] (ScreenTime Media) -- C:\Windows\SysWow64\ASUS_Screensaver.scr
[2011/11/02 09:51:32 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
[2011/11/02 09:50:54 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/11/02 09:50:44 | 000,002,617 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
[2011/11/02 09:50:32 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\LifeFrame.lnk
[2011/11/02 09:50:22 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\ASUS MultiFrame.lnk
[2011/11/02 09:49:59 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Splendid Utility.Lnk
[2011/11/02 09:49:46 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\SmartLogon Manager.lnk
[2011/11/02 09:47:37 | 000,002,855 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
========== Files Created - No Company Name ==========
[2011/11/14 21:16:31 | 000,008,627 | ---- | C] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2011/11/14 20:58:39 | 000,002,115 | ---- | C] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Panda Antivirus Pro 2012.lnk
[2011/11/14 20:58:39 | 000,000,262 | ---- | C] () -- C:\Windows\SysNative\PavCPL64.dat
[2011/11/14 02:01:21 | 432,246,064 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/11/12 12:20:49 | 000,001,152 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/11/12 12:20:49 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/11/02 12:31:21 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2011/11/02 10:54:44 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_K70IC.alu
[2011/11/02 10:40:06 | 000,001,415 | ---- | C] () -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/11/02 10:39:49 | 000,001,449 | ---- | C] () -- C:\Users\RK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/11/02 10:30:54 | 000,001,443 | ---- | C] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/02 10:30:27 | 000,000,290 | ---- | C] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/11/02 10:30:27 | 000,000,272 | ---- | C] () -- C:\Users\RK\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/11/02 10:26:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\1043_ASUSTEK_K61IC_K70IC_V20_WIN7.MRK
[2011/11/02 10:19:12 | 000,001,407 | ---- | C] () -- C:\Windows\SysNative\nvhda.nvu
[2011/11/02 10:19:04 | 000,010,744 | ---- | C] () -- C:\Windows\SysNative\nvdisp.nvu
[2011/11/02 10:18:07 | 000,001,383 | ---- | C] () -- C:\Windows\SysNative\nvsmu.nvu
[2011/11/02 10:17:16 | 001,806,400 | ---- | C] () -- C:\Windows\SysNative\drivers\snp2uvc.sys
[2011/11/02 10:17:16 | 000,042,176 | ---- | C] () -- C:\Windows\SysNative\drivers\sncduvc.sys
[2011/11/02 10:17:15 | 000,002,266 | ---- | C] () -- C:\Windows\Uninstvga.bat
[2011/11/02 10:17:15 | 000,002,008 | ---- | C] () -- C:\Windows\Uninstsxga.bat
[2011/11/02 10:17:15 | 000,001,682 | ---- | C] () -- C:\Windows\Uninstuxga.bat
[2011/11/02 10:17:15 | 000,000,386 | ---- | C] () -- C:\Windows\Uninstuxga.reg
[2011/11/02 10:17:15 | 000,000,386 | ---- | C] () -- C:\Windows\Uninstsxga.reg
[2011/11/02 10:17:15 | 000,000,384 | ---- | C] () -- C:\Windows\Uninstvga.reg
[2011/11/02 10:13:30 | 000,000,014 | ---- | C] () -- C:\RECOVERY.DAT
[2011/11/02 10:13:29 | 001,048,576 | RH-- | C] () -- C:\K70IC.BIN
[2011/11/02 10:13:29 | 000,000,019 | ---- | C] () -- C:\K61IC_K70IC_WIN7.20
[2011/11/02 10:00:35 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_K61IC_K70IC_V20_WIN7.MRK
[2011/11/02 09:58:01 | 000,003,116 | ---- | C] () -- C:\Windows\SysNative\wimfltr.inf
[2011/11/02 09:58:00 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2011/11/02 09:57:59 | 000,002,595 | ---- | C] () -- C:\Users\Public\Desktop\AI Recovery Burner.lnk
[2011/11/02 09:55:59 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tmchlang.lnk
[2011/11/02 09:52:13 | 000,001,236 | ---- | C] () -- C:\Users\Public\Desktop\ASUS Data Security Manager.Lnk
[2011/11/02 09:51:49 | 000,002,595 | ---- | C] () -- C:\Users\Public\Desktop\ControlDeck.lnk
[2011/11/02 09:51:41 | 000,274,560 | ---- | C] () -- C:\Windows\SysNative\GetBootTime.dll
[2011/11/02 09:51:41 | 000,001,568 | ---- | C] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/11/02 09:51:41 | 000,001,157 | ---- | C] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/11/02 09:51:41 | 000,000,105 | ---- | C] () -- C:\Windows\SysNative\FastBoot.ini
[2011/11/02 09:51:41 | 000,000,080 | ---- | C] () -- C:\Windows\SysNative\Defrag.ini
[2011/11/02 09:51:41 | 000,000,052 | ---- | C] () -- C:\Windows\SysNative\RemoveFont.ini
[2011/11/02 09:51:41 | 000,000,032 | ---- | C] () -- C:\Windows\SysNative\BootTime.ini
[2011/11/02 09:51:21 | 000,001,011 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
[2011/11/02 09:50:54 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/11/02 09:50:54 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/11/02 09:50:44 | 000,002,617 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
[2011/11/02 09:50:32 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\LifeFrame.lnk
[2011/11/02 09:50:22 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\ASUS MultiFrame.lnk
[2011/11/02 09:49:59 | 000,001,110 | ---- | C] () -- C:\Users\Public\Desktop\Splendid Utility.Lnk
[2011/11/02 09:49:46 | 000,001,150 | ---- | C] () -- C:\Users\Public\Desktop\SmartLogon Manager.lnk
[2011/11/02 09:48:06 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011/11/02 09:47:37 | 000,002,855 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
[2011/11/02 09:47:17 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\SamSfPa.dat
[2011/11/02 09:27:08 | 3220,647,936 | -HS- | C] () -- C:\hiberfil.sys
[2009/07/28 21:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2011/11/15 01:22:46 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\f-secure
[2011/11/02 12:35:38 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\LolClient
[2011/11/14 20:57:05 | 000,000,000 | ---D | M] -- C:\Users\RK\AppData\Roaming\Panda Security
[2009/07/13 21:08:49 | 000,009,184 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
I don't know if this helps any but I've noticed that iexplore.exe doesn't start by itself and no other unwanted things have happened when I'm running the computer offline.
Sorry for late reply. I totally missed your posts.
Download Bootkit Remover to your Desktop.
- You then need to extract the remover.exe file from the RAR using a program capable of extracting RAR compressed files. If you don't have an extraction program, you can use 7-Zip: http://www.7-zip.org/
- After extracting remover.exe to your Desktop, double-click on remover.exe to run the program (Vista/7 users, right click on remover.exe and click Run As Administrator).
- It will show a Black screen with some data on it.
- Right click on the screen and click Select All.
- Press CTRL+C
- Open a Notepad and press CTRL+V
- Post the output back here.
Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com
Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Home Premium Edition (build 7600), 64-bit
System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000003`a9700000
ATA_Read(): DeviceIoControl() ERROR 1
Boot sector MD5 is: 0ec6b2481fc707d1e901dc2a875f2826
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)
Done;
Press any key to quit...
Is that what you were looking for?
Yep. That looks good.
Are you able to reboot your modem or router? Try doing that and then update me on what is happening with the PC still.