Solved Slow computer startups/shutdowns, programs, IE7, Google chrome unresponsive

chiehs

Hello,

Recently my computer has been slowing down significantly. Starting the computer up and shutting it down take much more time than it used to.
Also, while running programs, the computer might suddenly hang, and attempting the task does not seem to work (have to force shutdown).
The same also applies for using IE7 and Chrome, as loading some pages may cause it to hang and become unresponsive. I have noticed this happening more often when trying to access sites that play videos like YouTube.

I have run virus scans with Avira and Malwarebytes, but they did not seem to find anything.

Hope that you can help!

*GMER has an error when I run it because I am using 64-bit Windows 7.
 
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4438

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

17/8/2010 3:38:31 PM
mbam-log-2010-08-17 (15-38-31).txt

Scan type: Quick scan
Objects scanned: 148626
Time elapsed: 5 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



DDS (Ver_10-03-17.01)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 15/6/2010 1:48:51 PM
System Uptime: 17/8/2010 3:08:39 PM (0 hours ago)

Motherboard: ASUSTeK Computer Inc. | | K42Jv
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz | Socket 989 | 1176/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 116 GiB total, 54.812 GiB free.
D: is FIXED (NTFS) - 333 GiB total, 247.774 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Description: A60BATTP IDE Controller
Device ID: ACPI\PNPA000\4&5D18F2DF&0
Manufacturer: (Standard mass storage controllers)
Name: A60BATTP IDE Controller
PNP Device ID: ACPI\PNPA000\4&5D18F2DF&0
Service: ahgaat8d

==== System Restore Points ===================

RP74: 14/8/2010 12:26:49 AM - StopZILLA! Restore Point.
RP75: 14/8/2010 12:28:39 AM - Windows Update
RP76: 14/8/2010 1:04:17 AM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP77: 14/8/2010 1:05:10 AM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP78: 17/8/2010 11:26:38 AM - Installed Java(TM) 6 Update 21

==== Installed Programs ======================

Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3.3 MUI
Advanced SystemCare 3
ASUS AI Recovery
ASUS AP Bank
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS MultiFrame
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS WebStorage
ATK Package
Avira AntiVir Personal - Free Antivirus
Combined Community Codec Pack 2009-09-09
ControlDeck
CyberLink LabelPrint
CyberLink Power2Go
CyberLink PowerDVD 9
Definition update for Microsoft Office 2010 (KB982726)
FXCM Trading Station
Garena 2010
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Java Auto Updater
Java(TM) 6 Update 21
JMicron Ethernet Adapter NDIS Driver
JMicron Flash Media Controller Driver
Junk Mail filter update
Malwarebytes' Anti-Malware
MetaTrader 4.00
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Mobile Broadband Modem
MSVCRT
MSXML 4.0 SP3 Parser (KB973685)
NVIDIA PhysX
NVIDIA Updatus
Realtek High Definition Audio Driver
Skype™ 4.2
StarCraft II
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Outlook Social Connector (KB983403)
Visual C++ 8.0 Runtime Setup Package (x64)
VLC media player 1.1.0
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
WinFlash
Wireless Console 3

==== Event Viewer Messages From Past Week ========

17/8/2010 3:08:54 PM, Error: volmgr [46] - Crash dump initialization failed!
17/8/2010 2:44:54 PM, Error: Service Control Manager [7034] - The ASLDR Service service terminated unexpectedly. It has done this 1 time(s).
17/8/2010 11:22:27 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
16/8/2010 9:26:12 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
16/8/2010 12:41:32 AM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147023781.
16/8/2010 12:41:32 AM, Error: Service Control Manager [7023] - The IPsec Policy Agent service terminated with the following error: The authentication service is unknown.
16/8/2010 12:41:32 AM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x8007045B.
15/8/2010 10:09:58 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
15/8/2010 10:09:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
15/8/2010 10:09:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
15/8/2010 10:09:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
15/8/2010 10:09:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
15/8/2010 10:09:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
15/8/2010 10:09:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
15/8/2010 10:08:56 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx vwififlt Wanarpv6 WfpLwf
15/8/2010 10:08:56 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
15/8/2010 10:08:56 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
15/8/2010 10:08:56 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
15/8/2010 10:08:56 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
15/8/2010 10:08:56 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
15/8/2010 10:08:56 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
15/8/2010 10:08:55 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
15/8/2010 10:08:55 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
15/8/2010 10:08:55 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
15/8/2010 10:08:55 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
15/8/2010 10:08:36 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
14/8/2010 1:05:50 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the szserver service.
13/8/2010 7:00:42 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
13/8/2010 7:00:42 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

==== End Of File ===========================
 
DDS (Ver_10-03-17.01) - NTFSX64
Run by Sian at 15:41:28.67 on Tue 17/08/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.65.1033.18.3884.2556 [GMT 8:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Sian\Desktop\dds.com
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.sg/
uDefault_Page_URL = hxxp://asus.msn.com
mLocal Page = c:\windows\syswow64\blank.htm
mWinlogon: Userinit=c:\windows\syswow64\userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~1\office14\URLREDIR.DLL
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files (x86)\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll
uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
mRun: [BDRegion] c:\program files (x86)\cyberlink\shared files\brs.exe
mRun: [UpdateLBPShortCut] "c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mRun: [UpdateP2GoShortCut] "c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [ATKOSD2] c:\program files (x86)\asus\atk package\atkosd2\ATKOSD2.exe
mRun: [ATKMEDIA] c:\program files (x86)\asus\atk package\atk media\DMedia.exe
mRun: [HControlUser] c:\program files (x86)\asus\atk package\atk hotkey\HControlUser.exe
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [avgnt] "c:\program files (x86)\avira\antivir desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\fancys~1.lnk - c:\windows\installer\{2b81872b-a054-48da-be3b-fa5c164c303a}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\srspre~1.lnk - c:\windows\installer\{e5cf6b9c-3abe-43c9-9413-ad5ffc98f049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\micros~1\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files (x86)\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files (x86)\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs: c:\windows\syswow64\nvinit.dll
BHO-X64: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
BHO-X64: Windows Live Family Safety Browser Helper - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg64.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun-x64: [Persistence] c:\windows\system32\igfxpers.exe
mRun-x64: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
mRun-x64: [Setwallpaper] c:\programdata\SetWallpaper.cmd
AppInit_DLLs-X64: c:\windows\system32\nvinitx.dll

============= SERVICES / DRIVERS ===============

R0 nvpciflt;nvpciflt;c:\windows\system32\drivers\nvpciflt.sys [2010-8-8 24680]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 59904]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/05/27 09:30:05];c:\program files (x86)\cyberlink\powerdvd9\000.fcl [2009-9-2 146928]
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-5-28 379520]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\avira\antivir desktop\sched.exe [2010-8-17 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files (x86)\avira\antivir desktop\avguard.exe [2010-8-17 267432]
R2 ASMMAP64;ASMMAP64;c:\program files (x86)\asus\atk package\atkgfnex\ASMMAP64.sys [2009-7-3 15416]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-8-17 81072]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe [2010-6-24 1620584]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\drivers\TurboB.sys [2009-8-7 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\intel\intel(r) management engine components\uns\UNS.exe [2010-5-28 2314240]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-1-18 128512]
R3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-5-28 56344]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-2-26 158976]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2010-2-3 271872]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2009-8-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\drivers\JME.sys [2010-2-25 115312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-5-28 135664]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-7-1 52264]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-5-28 35104]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-7-17 61280]
S3 fsssvc;Windows Live Family Safety Service;c:\program files (x86)\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2010-6-25 116224]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSG664.sys [2009-6-11 56832]
S3 TurboBoost;TurboBoost;c:\program files\intel\turboboost\TurboBoost.exe [2009-8-7 118672]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-16 1255736]

=============== Created Last 30 ================

2010-08-17 03:39:27 0 d-----w- c:\users\sian\appdata\roaming\Avira
2010-08-17 03:27:28 0 d-----w- c:\programdata\Sun
2010-08-17 03:27:11 423656 ----a-w- c:\windows\syswow64\deployJava1.dll
2010-08-17 03:27:11 153376 ----a-w- c:\windows\syswow64\javaws.exe
2010-08-17 03:27:11 145184 ----a-w- c:\windows\syswow64\javaw.exe
2010-08-17 03:27:11 145184 ----a-w- c:\windows\syswow64\java.exe
2010-08-17 03:22:11 81072 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-08-17 03:22:11 0 d-----w- c:\programdata\Avira
2010-08-17 03:22:11 0 d-----w- c:\program files (x86)\Avira
2010-08-16 06:23:02 0 d-----w- c:\programdata\Kaspersky Lab
2010-08-15 14:05:03 0 d-----w- c:\programdata\IObit
2010-08-15 14:04:06 0 d-----w- c:\users\sian\appdata\roaming\Malwarebytes
2010-08-15 14:03:21 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-15 14:03:21 0 d-----w- c:\programdata\Malwarebytes
2010-08-15 14:03:21 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-08-15 14:02:31 65536 --sha-w- C:\ntuser.dat{d0a1a51a-a867-11df-96ac-1c4bd6122b68}.TM.blf
2010-08-15 14:02:31 65536 --sha-w- C:\ntuser.dat{d0a1a516-a867-11df-96ac-1c4bd6122b68}.TM.blf
2010-08-15 14:02:31 524288 --sha-w- C:\ntuser.dat{d0a1a51a-a867-11df-96ac-1c4bd6122b68}.TMContainer00000000000000000002.regtrans-ms
2010-08-15 14:02:31 524288 --sha-w- C:\ntuser.dat{d0a1a51a-a867-11df-96ac-1c4bd6122b68}.TMContainer00000000000000000001.regtrans-ms
2010-08-15 14:02:31 524288 --sha-w- C:\ntuser.dat{d0a1a516-a867-11df-96ac-1c4bd6122b68}.TMContainer00000000000000000002.regtrans-ms
2010-08-15 14:02:31 524288 --sha-w- C:\ntuser.dat{d0a1a516-a867-11df-96ac-1c4bd6122b68}.TMContainer00000000000000000001.regtrans-ms
2010-08-15 14:02:31 5120 --sha-w- C:\ntuser.dat.LOG1
2010-08-15 14:02:31 262144 ----a-w- C:\ntuser.dat
2010-08-15 14:02:31 0 --sha-w- C:\ntuser.dat.LOG2
2010-08-13 16:24:48 1240 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2010-08-13 15:33:01 0 d-----w- c:\programdata\STOPzilla!
2010-08-11 14:22:10 463360 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-11 14:22:10 404992 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-11 14:22:10 340992 ----a-w- c:\windows\system32\schannel.dll
2010-08-11 14:22:10 224256 ----a-w- c:\windows\syswow64\schannel.dll
2010-08-11 14:22:10 162304 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-11 14:22:05 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-11 14:22:04 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-08-11 14:22:04 3955080 ----a-w- c:\windows\syswow64\ntkrnlpa.exe
2010-08-11 14:22:03 3899784 ----a-w- c:\windows\syswow64\ntoskrnl.exe
2010-08-07 17:21:42 24680 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2010-08-04 13:00:52 0 d-----w- c:\program files (x86)\Combined Community Codec Pack
2010-08-03 01:56:54 12867584 ----a-w- c:\windows\syswow64\shell32.dll
2010-08-02 15:41:37 0 d-----w- c:\program files (x86)\common files\Blizzard Entertainment.Trash
2010-08-02 15:33:37 0 d-----w- c:\programdata\Blizzard Entertainment
2010-08-02 15:33:37 0 d-----w- c:\program files (x86)\StarCraft II
2010-08-02 15:33:37 0 d-----w- c:\program files (x86)\common files\Blizzard Entertainment
2010-07-25 13:33:06 56 ---ha-w- c:\windows\syswow64\ezsidmv.dat

==================== Find3M ====================

2010-07-29 06:30:34 82944 ----a-w- c:\windows\syswow64\iccvid.dll
2010-07-09 08:17:26 347350 ----a-w- c:\windows\system32\nvcoproc.bin
2010-07-09 08:17:18 762472 ----a-w- c:\windows\system32\nv3dappshext.dll
2010-07-09 08:17:18 624744 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2010-07-09 08:17:18 53864 ----a-w- c:\windows\system32\nv3dappshextr.dll
2010-07-09 08:17:18 282728 ----a-w- c:\windows\system32\nvhotkey.dll
2010-07-09 08:17:18 1882216 ----a-w- c:\windows\system32\nvsvcr.dll
2010-07-09 08:17:18 159336 ----a-w- c:\windows\system32\nvvsvc.exe
2010-07-09 08:17:18 1585256 ----a-w- c:\windows\system32\nvsvc64.dll
2010-07-09 08:17:18 15314024 ----a-w- c:\windows\system32\nvcpl.dll
2010-07-09 08:17:18 116328 ----a-w- c:\windows\system32\nvmctray.dll
2010-07-07 06:03:20 660072 ----a-w- c:\windows\system32\nvuninst.exe
2010-06-30 07:13:46 1192960 ----a-w- c:\windows\system32\wininet.dll
2010-06-30 06:25:31 978432 ----a-w- c:\windows\syswow64\wininet.dll
2010-06-30 06:25:18 1226240 ----a-w- c:\windows\syswow64\urlmon.dll
2010-06-30 06:22:45 606208 ----a-w- c:\windows\syswow64\mstime.dll
2010-06-30 06:22:34 5971456 ----a-w- c:\windows\syswow64\mshtml.dll
2010-06-30 06:22:33 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-06-30 06:21:57 48128 ----a-w- c:\windows\syswow64\jsproxy.dll
2010-06-30 06:21:47 185856 ----a-w- c:\windows\syswow64\iepeers.dll
2010-06-30 06:21:47 176640 ----a-w- c:\windows\syswow64\ieui.dll
2010-06-30 06:21:46 10985472 ----a-w- c:\windows\syswow64\ieframe.dll
============= FINISH: 15:42:10.39 ===============
 
Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
A report called MBRcheckxxxx.txt will be on your desktop.
Open this report and post its content in your next reply.

====================================================================

Download SUPERAntiSpyware Free for Home Users:
http://www.superantispyware.com/

* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
* Close SUPERAntiSpyware.

Restart the computer in Safe Mode.
To enter Safe Mode, restart the computer and keep tapping the F8 key until the menu appears; pick Safe Mode. You'll see "Safe Mode" in all four corners of your screen.

* Open SUPERAntiSpyware.
* Under "Configuration and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):

  • Close browsers before scanning.
  • Scan for tracking cookies.
  • Terminate memory threats before quarantining.
* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".
* To retrieve the removal information after reboot, launch SUPERAntiSpyware again.

  • Click Preferences, then click the Statistics/Logs tab.
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
  • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
  • Please copy and paste the Scan Log results in your next reply.
* Click Close to exit the program.
Post SUPERAntiSpyware log.
 
Hi Broni,

Thanks for your quick assistance!

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: ASUSTeK Computer Inc.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: ASUSTeK Computer Inc.
System Product Name: K42Jv
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 204):

Processes (total 87):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`26676e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000021`426eac00 (NTFS)

PhysicalDrive0 Model Number: ST9500325AS, Rev: 0003SDM1

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!
 
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/18/2010 at 11:46 AM

Application Version : 4.41.1000

Core Rules Database Version : 5372
Trace Rules Database Version: 3184

Scan type : Complete Scan
Total Scan Time : 00:41:40

Memory items scanned : 310
Memory threats detected : 0
Registry items scanned : 13107
Registry threats detected : 0
File items scanned : 101597
File threats detected : 143

Adware.Tracking Cookie
 
So far, all looks clean :)

Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
* Under the Custom Scan box paste this in:



netsvcs
drivers32 /all
%SYSTEMDRIVE%\*.*
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\system32\*.wt
%systemroot%\system32\*.ruy
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\system32\spool\prtprocs\w32x86\*.tmp
%systemroot%\*. /mp /s
/md5start
/md5stop
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\user32.dll /md5
%systemroot%\system32\ws2_32.dll /md5
%systemroot%\system32\ws2help.dll /md5
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs



* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Hmm, it seems after I did the SUPERAntiSpyware scan and rebooted my computer, my Internet Explorer browser becomes unresponsive whenever I open it. Have to go back to using Chrome again now, do you have any idea what the problem might be?
 
I see no connection.
Super removed only some tracking cookies.
They're merely text files...more or less harmless.

Go ahead with OTL. We'll see what happens.
 
Yup okay, just asking! Will probably just try reinstalling it to see if it fixes the problem later.

The txt files are too large to post in the reply, so I attached them. Hope that's okay.
 

Attachments

  • OTL.Txt
    136.7 KB · Views: 1
  • Extras.Txt
    44.6 KB · Views: 1
I don't see much here.....
I hope you're not using the registry part of Advanced System Care....

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
    O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O33 - MountPoints2\{0136a372-8024-11df-8de2-1c4bd6122b68}\Shell - "" = AutoRun
    O33 - MountPoints2\{0136a372-8024-11df-8de2-1c4bd6122b68}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/23 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{0136a38c-8024-11df-8de2-1c4bd6122b68}\Shell - "" = AutoRun
    O33 - MountPoints2\{0136a38c-8024-11df-8de2-1c4bd6122b68}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/23 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\{4ae60454-802d-11df-8c96-1c4bd6122b68}\Shell - "" = AutoRun
    O33 - MountPoints2\{4ae60454-802d-11df-8c96-1c4bd6122b68}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/23 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/23 02:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
    [2010/08/13 23:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
    
    
    :Services
    
    :Reg
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
 
All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\control panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\control panel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\restrictions\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\ deleted successfully.
C:\Windows\SysNative\igfxdev.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0136a372-8024-11df-8de2-1c4bd6122b68}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0136a372-8024-11df-8de2-1c4bd6122b68}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0136a372-8024-11df-8de2-1c4bd6122b68}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0136a372-8024-11df-8de2-1c4bd6122b68}\ not found.
File move failed. G:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0136a38c-8024-11df-8de2-1c4bd6122b68}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0136a38c-8024-11df-8de2-1c4bd6122b68}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0136a38c-8024-11df-8de2-1c4bd6122b68}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0136a38c-8024-11df-8de2-1c4bd6122b68}\ not found.
File move failed. G:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ae60454-802d-11df-8c96-1c4bd6122b68}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ae60454-802d-11df-8c96-1c4bd6122b68}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ae60454-802d-11df-8c96-1c4bd6122b68}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ae60454-802d-11df-8c96-1c4bd6122b68}\ not found.
File move failed. G:\AutoRun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File move failed. G:\AutoRun.exe scheduled to be moved on reboot.
C:\ProgramData\STOPzilla!\vdb folder moved successfully.
C:\ProgramData\STOPzilla!\Quarantine folder moved successfully.
C:\ProgramData\STOPzilla! folder moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Sian
->Temp folder emptied: 1438095 bytes
->Temporary Internet Files folder emptied: 99372717 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 22379383 bytes
->Flash cache emptied: 1944 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: UpdatusUser.Sian-PC
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15116 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 48955 bytes

Total Files Cleaned = 118.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Sian
->Flash cache emptied: 0 bytes

User: UpdatusUser
->Flash cache emptied: 0 bytes

User: UpdatusUser.Sian-PC
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.10.0 log created on 08182010_132712

Files\Folders moved on Reboot...
File move failed. G:\AutoRun.exe scheduled to be moved on reboot.
C:\Users\Sian\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VMT4MW2R\7rnylnyt[1].css moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VMT4MW2R\google_com_sg[1].htm moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VMT4MW2R\home[1].htm moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VMT4MW2R\home[2].htm moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V1J2P0K3\6pa1za89[1].css moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V1J2P0K3\8t0jwey6[1].css moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V1J2P0K3\aaiezkrf[1].css moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V1J2P0K3\google_com_sg[1].htm moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V1J2P0K3\home[1].htm moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V1J2P0K3\redirectiframe[1].html moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IXIYJ9GQ\AC_RunActiveContent[1].js moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IXIYJ9GQ\bw7hgwyd[1].css moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IXIYJ9GQ\google_com_sg[1].htm moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IXIYJ9GQ\home[1].htm moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IXIYJ9GQ\jumboseafood_com_sg[1].htm moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IXIYJ9GQ\pnfo76ka[1].css moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BGNYR72Q\google_com_sg[1].htm moved successfully.
C:\Users\Sian\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...
 
Actually I was using it...is it bad for the computer? I didn't know..
 

Attachments

  • OTL.Txt
    114 KB · Views: 1
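
The fix log above uses a small set of fixed result phrases ("deleted successfully", "not found", "moved successfully", "scheduled to be moved on reboot"). As an added example (not part of the thread and not OTL's own code), this Python parser tallies those outcomes and lists pending-reboot moves and files moved out of the Windows directory for review; the function names and the `C:\Windows` default are assumptions, and the sample lines are copied from the log above.

```python
import re
from collections import Counter

# Excerpt of the fix log posted in this thread (one line repeated, as in the log).
FIX_LOG_EXCERPT = r"""
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\restrictions\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
C:\Windows\SysNative\igfxdev.dll moved successfully.
File move failed. G:\AutoRun.exe scheduled to be moved on reboot.
File move failed. G:\AutoRun.exe scheduled to be moved on reboot.
C:\ProgramData\STOPzilla! folder moved successfully.
"""

# Result-line shapes seen in the log. PENDING is tried before FILE_MISSING
# because both kinds of line start with the word "File".
REG = re.compile(r"^(64bit-)?Registry (key|value) (.+?) (deleted successfully|not found)\.$")
PENDING = re.compile(r"^File move failed\. (.+?) scheduled to be moved on reboot\.$")
MOVED = re.compile(r"^(.+?)( folder)? moved successfully\.$")
FILE_MISSING = re.compile(r"^File (.+) not found\.$")


def classify(line):
    """Return (object_kind, outcome, target) for one result line, else None."""
    line = line.strip()
    m = REG.match(line)
    if m:
        outcome = "deleted" if m.group(4).startswith("deleted") else "not_found"
        return ("registry_" + m.group(2), outcome, m.group(3))
    m = PENDING.match(line)
    if m:
        return ("file", "pending_reboot", m.group(1))
    m = MOVED.match(line)
    if m:
        return ("folder" if m.group(2) else "file", "moved", m.group(1))
    m = FILE_MISSING.match(line)
    if m:
        return ("file", "not_found", m.group(1))
    return None  # section headers, cache statistics, blank lines


def summarize(log_text, system_root=r"C:\Windows"):
    """Tally outcomes; collect pending-reboot moves and moves out of system_root."""
    counts = Counter()
    pending, moved_from_system = [], []
    prefix = system_root.lower() + "\\"
    for raw in log_text.splitlines():
        parsed = classify(raw)
        if parsed is None:
            continue
        kind, outcome, target = parsed
        counts[(kind, outcome)] += 1
        if outcome == "pending_reboot" and target not in pending:
            pending.append(target)  # the same path is often reported repeatedly
        if outcome == "moved" and target.lower().startswith(prefix):
            moved_from_system.append(target)  # review before running a cleanup
    return {"counts": counts, "pending_reboot": pending,
            "moved_from_system": moved_from_system}


if __name__ == "__main__":
    report = summarize(FIX_LOG_EXCERPT)
    for (kind, outcome), n in sorted(report["counts"].items()):
        print(f"{kind:15} {outcome:15} {n}")
    print("pending on reboot:", report["pending_reboot"])
    print("moved out of system root:", report["moved_from_system"])
```
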
Good :)

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Go to Kaspersky website and perform an online antivirus scan.

  • Disable your active antivirus program.
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
 
The Kaspersky online scan looks like it may take a looong while, so I'll just post the Security checkup first.


Results of screen317's Security Check version 0.99.5
Windows 7 (UAC is disabled!)
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java(TM) 6 Update 21
Adobe Flash Player
Adobe Reader 9.3.3 MUI
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````
 
The online scan didn't seem to find anything...strange...I wonder why my computer is acting so strangely.


--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Wednesday, August 18, 2010
Operating system: Microsoft (build 7600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Wednesday, August 18, 2010 00:54:29
Records in database: 4138097
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
G:\
H:\

Scan statistics:
Objects scanned: 106003
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 02:07:02

No threats found. Scanned area is clean.

Selected area has been scanned.
 
Excellent :)

OTL Clean-Up
Clean up with OTL:

* Double-click OTL.exe to start the program.
* Close all other programs apart from OTL as this step will require a reboot
* On the OTL main screen, press the CLEANUP button
* Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

=====================================================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point.

Turn off System Restore:

- Windows XP:
1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore".
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
- Windows Vista and 7:
1. Click Start.
2. Right-click the Computer icon, and then click Properties.
3. Click on System Protection under the Tasks column on the left side
4. Click on Continue on the "User Account Control" window that pops up
5. Under the System Protection tab, find Available Disks
6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
8. Click OK

2. Restart computer.

3. Turn System Restore on.

4. Make sure Windows Updates are current.

5. If any Trojan was listed among your infection(s), make sure you change all of your important on-line passwords (bank account(s), secured web sites, etc.) immediately!

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

8. Run Temporary File Cleaner (TFC) weekly.

9. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

11. Run defrag at your convenience.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please let me know how your computer is doing.
 
Hi Broni, did as you said, so far my computer seems to be running fine again. Thanks so much for all your help! :)
 
Cool

Good luck and stay safe :)
 