Solved Virus/Malware plays a weird sound in random intervals

jadariin

Posts: 17   +0
This started 2 days ago and my computer plays a weird sound reminiscent of a StarCraft sound bite in random intervals. At first I thought it was a messenger alert tone, but I've muted every single one of them including Steam/Origin/etc. and the sound is still there. I've tried every malware/spyware/virus remover I've had but still to no avail. The sound is still there. It's tolerable, but the idea of having a virus/spyware in my computer gives me a scare since I use this PC for banking and other personal stuff, and prompted me to change all my passwords. Can you please help me?


LOGS


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8089

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

11/6/2011 7:31:38 AM
mbam-log-2011-11-06 (07-31-38).txt

Scan type: Quick scan
Objects scanned: 169096
Time elapsed: 1 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Start (Disabled.Cryptsvc) -> Bad: (4) Good: (2) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-06 07:45:27
Windows 6.1.7601 Service Pack 1
Running: few7wolv.exe


---- Files - GMER 1.0.15 ----

File C:\## aswSnx private storage 0 bytes
File C:\## aswSnx private storage\snx_rhive 262144 bytes
File C:\## aswSnx private storage\snx_rhive.LOG1 148480 bytes
File C:\## aswSnx private storage\snx_rhive.LOG2 0 bytes
File C:\## aswSnx private storage\snx_rhive{2270c1f8-0799-11e1-9904-002522183aa8}.TM.blf 65536 bytes
File C:\## aswSnx private storage\snx_rhive{2270c1f8-0799-11e1-9904-002522183aa8}.TMContainer00000000000000000001.regtrans-ms 524288 bytes
File C:\## aswSnx private storage\snx_rhive{2270c1f8-0799-11e1-9904-002522183aa8}.TMContainer00000000000000000002.regtrans-ms 524288 bytes
File C:\## aswSnx private storage\webStorage 0 bytes
File C:\## aswSnx private storage\webStorage\attrib 0 bytes
File C:\## aswSnx private storage\webStorage\image 0 bytes
File C:\## aswSnx private storage\webStorage\image\Windows 0 bytes
File C:\## aswSnx private storage\webStorage\image\Windows\Prefetch 0 bytes
File C:\## aswSnx private storage\webStorage\image\Windows\Prefetch\CONHOST.EXE-3218E401.pf 16580 bytes
File C:\## aswSnx private storage\webStorage\image\Windows\Prefetch\IEXPLORE.EXE-BC8A94AF.pf 16140 bytes
File C:\## aswSnx private storage\webStorage\image\Windows\Prefetch\PEV.3XE-49CBEEB9.pf 16012 bytes
File C:\## aswSnx private storage\webStorage\snx_fs.dat 740 bytes

---- EOF - GMER 1.0.15 ----


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514
Run by Jaime at 7:46:11 on 2011-11-06
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\PKMCDO.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: IDMIEHlprObj Class: {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO-X64: IDM Helper - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jaime\AppData\Roaming\Mozilla\Firefox\Profiles\g4am3xke.default\
FF - component: C:\Users\Jaime\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - C:\Users\Jaime\AppData\Roaming\IDM\idmmzcc3
FF - Ext: avast! WebRep: wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2011-11-05 12:08:14 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-11-05 12:08:14 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-11-05 10:29:11 -------- d-----w- C:\Program Files (x86)\AMD APP
2011-11-05 10:29:07 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2011-11-05 10:28:19 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2011-11-05 10:27:31 -------- d-----w- C:\Program Files\ATI Technologies
2011-11-05 09:09:43 -------- d-----w- C:\Users\Jaime\AppData\Roaming\Malwarebytes
2011-11-05 09:07:14 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-05 09:07:11 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-05 09:07:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-05 08:29:39 -------- d-----w- C:\Windows\pss
2011-11-05 08:09:11 -------- d-----w- C:\Program Files (x86)\Smart Virus Remover
2011-11-05 03:56:04 16432 ----a-w- C:\Windows\System32\lsdelete.exe
2011-11-05 00:50:57 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2011-11-05 00:26:37 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys
2011-11-05 00:26:19 -------- d-----w- C:\Program Files (x86)\Lavasoft
2011-11-04 15:24:37 -------- d-----w- C:\Program Files\Ragnarok Online
2011-11-03 23:49:47 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-10-31 06:55:07 -------- d--h--w- C:\Windows\msdownld.tmp
2011-10-31 06:55:07 -------- d-----w- C:\Windows\SysWow64\directx
2011-10-31 06:54:57 -------- d-----w- C:\Program Files (x86)\PCSX2 0.9.8
2011-10-29 23:18:40 -------- d-----w- C:\Program Files (x86)\uTorrent
2011-10-29 23:18:17 -------- d-----w- C:\Users\Jaime\AppData\Roaming\uTorrent
2011-10-29 23:18:17 -------- d-----w- C:\Users\Jaime\AppData\Local\uTorrent
2011-10-28 10:32:29 -------- d-----w- C:\Users\Jaime\AppData\Local\ESN Sonar
2011-10-27 22:17:49 -------- d-----w- C:\Program Files\AntiFreeze
2011-10-27 21:53:00 -------- d-----w- C:\Program Files (x86)\AnVir Task Manager Free
2011-10-27 21:52:52 -------- d-----w- C:\Users\Jaime\AppData\Local\AnVir
2011-10-27 13:53:26 -------- d-----w- C:\Users\Jaime\AppData\Local\ODUI
2011-10-27 13:53:16 -------- d-----w- C:\Users\Jaime\AppData\Roaming\Stardock
2011-10-27 13:53:11 -------- d-----w- C:\Users\Jaime\AppData\Local\Stardock
2011-10-27 13:53:07 -------- dc-h--w- C:\ProgramData\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
2011-10-27 13:53:05 -------- d-----w- C:\Program Files (x86)\Stardock
2011-10-27 13:52:55 -------- d-----w- C:\Users\Jaime\AppData\Local\PackageAware
2011-10-27 04:48:54 -------- d-----w- C:\Users\Jaime\AppData\Roaming\Mumble
2011-10-27 04:42:23 -------- d-----w- C:\Program Files (x86)\Mumble
2011-10-27 03:23:23 21992 ----a-w- C:\Windows\System32\drivers\cpuz135_x64.sys
2011-10-27 03:23:23 -------- d-----w- C:\Program Files\CPUID
2011-10-26 13:26:10 -------- d-----w- C:\Users\Jaime\AppData\Local\SKIDROW
2011-10-26 13:21:51 -------- d-----w- C:\Program Files (x86)\Bethesda Softworks
2011-10-26 12:59:02 -------- d-----w- C:\Program Files (x86)\Black_Box
2011-10-26 04:31:25 -------- d-----w- C:\Program Files (x86)\Microsoft ActiveSync
2011-10-26 04:23:22 -------- d-----w- C:\ProgramData\Nero
2011-10-26 04:23:22 -------- d-----w- C:\Program Files (x86)\Nero
2011-10-26 04:18:45 -------- d-----w- C:\Program Files (x86)\VideoLAN
2011-10-26 03:51:07 -------- d-----w- C:\Windows\Panther
2011-10-26 03:06:44 -------- d-----w- C:\Windows.old
2011-10-26 00:08:42 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins
2011-10-26 00:02:26 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-10-26 00:02:22 -------- d-----w- C:\Users\Jaime\AppData\Local\PunkBuster
2011-10-26 00:02:05 -------- d-----w- C:\ProgramData\EA Core
2011-10-26 00:00:12 450048 ----a-w- C:\Windows\System32\drivers\rtl8187B.sys
2011-10-26 00:00:12 448512 ----a-w- C:\Windows\System32\drivers\rtl8187.sys
2011-10-26 00:00:10 614400 ----a-w- C:\Windows\SysWow64\Rtlihvs.dll
2011-10-26 00:00:10 380928 ----a-w- C:\Windows\RtlUI2.exe
2011-10-26 00:00:10 188416 ----a-w- C:\Windows\SysWow64\RTLExtUI.dll
2011-10-26 00:00:09 451072 ----a-w- C:\Windows\SysWow64\ISSRemoveSP.exe
2011-10-26 00:00:09 -------- d-----w- C:\Program Files (x86)\REALTEK
2011-10-25 23:10:58 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2011-10-25 23:10:34 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-10-25 23:10:34 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-10-25 23:10:30 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-10-25 22:26:11 -------- d-----w- C:\Users\Jaime\AppData\Roaming\Origin
2011-10-25 22:26:10 -------- d-----w- C:\Users\Jaime\AppData\Local\Origin
2011-10-25 22:26:02 -------- d-----w- C:\ProgramData\Origin
2011-10-25 22:26:01 -------- d-----w- C:\ProgramData\Electronic Arts
2011-10-25 22:26:01 -------- d-----w- C:\Program Files (x86)\Origin Games
2011-10-25 22:25:52 -------- d-----w- C:\Program Files (x86)\Origin
2011-10-25 22:20:59 65368 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-10-25 22:20:59 601944 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-10-25 22:20:54 41184 ----a-w- C:\Windows\avastSS.scr
2011-10-25 14:35:55 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-25 14:00:23 -------- d-----w- C:\Users\Jaime\AppData\Local\Google
2011-10-25 13:58:25 -------- d-----w- C:\ProgramData\AVAST Software
2011-10-25 13:58:24 -------- d-----w- C:\Program Files\AVAST Software
2011-10-25 13:56:22 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2011-10-25 13:56:21 -------- d-----w- C:\Program Files (x86)\Steam
2011-10-25 13:29:38 -------- d-----w- C:\Program Files (x86)\ACD Systems
2011-10-25 13:22:29 601088 ----a-w- C:\Windows\System32\VMAPO64.DLL
2011-10-25 13:21:54 414632 ------w- C:\Windows\difxapi.dll
2011-10-25 13:21:54 -------- d-----w- C:\Program Files (x86)\VIA
2011-10-25 13:21:04 -------- d-----w- C:\Users\Jaime\AppData\Local\AMD
2011-10-25 13:20:24 -------- d-----w- C:\Users\Jaime\AppData\Local\ATI
2011-10-25 13:18:39 0 ----a-w- C:\Windows\ativpsrm.bin
2011-10-25 13:04:33 -------- d-----w- C:\ProgramData\AMD
2011-10-25 13:04:13 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2011-10-25 12:58:56 -------- d-----w- C:\Program Files\ATI
2011-10-25 12:51:58 -------- d-----w- C:\Program Files\NVIDIA Corporation
2011-10-25 12:51:18 -------- d-sh--w- C:\Windows\Installer
2011-10-25 12:50:32 702976 ----a-r- C:\Windows\System32\cohelper.dll
2011-10-25 12:50:32 5940 ----a-r- C:\Windows\System32\drivers\nvphy.bin
2011-10-25 12:50:29 899584 ----a-w- C:\Windows\System32\fdco1.dll
2011-10-25 12:50:29 339360 ----a-w- C:\Windows\System32\drivers\nvmf6264.sys
2011-10-25 12:50:29 159232 ----a-w- C:\Windows\System32\nvconrm.dll
2011-10-25 12:50:22 506400 ----a-w- C:\Windows\System32\NVUNINST.EXE
2011-10-25 12:47:23 -------- d-----w- C:\Users\Jaime\AppData\Local\VirtualStore
2011-10-25 12:43:13 -------- d-sh--w- C:\Recovery
2011-10-25 11:04:23 -------- d-sh--w- C:\Boot
2011-10-22 00:18:52 -------- d-----w- C:\AMD
2011-10-19 14:14:52 59904 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-10-19 02:33:15 -------- d-----w- C:\ATI
2011-10-07 05:21:40 10207232 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-10-07 03:47:08 24996864 ----a-w- C:\Windows\System32\atio6axx.dll
2011-10-07 03:33:56 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-10-07 03:33:44 736768 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-10-07 03:32:12 867328 ----a-w- C:\Windows\System32\aticfx64.dll
2011-10-07 03:29:24 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-10-07 03:29:10 487936 ----a-w- C:\Windows\System32\atieclxx.exe
2011-10-07 03:28:34 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-10-07 03:27:18 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-10-07 03:27:00 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-10-07 03:26:54 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-10-07 03:26:42 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-10-07 03:26:36 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2011-10-07 03:26:32 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-10-07 03:26:26 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-10-07 03:25:04 18836992 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-10-07 03:23:22 4231680 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-10-07 03:12:56 4960768 ----a-w- C:\Windows\System32\atidxx64.dll
2011-10-07 03:01:18 4289024 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-10-07 02:54:32 5431808 ----a-w- C:\Windows\System32\atiumd64.dll
2011-10-07 02:53:10 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-10-07 02:53:08 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-10-07 02:52:58 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-10-07 02:52:56 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-10-07 02:52:46 9809920 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-10-07 02:49:02 8390656 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-10-07 02:46:48 479744 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-10-07 02:46:40 335872 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-10-07 02:46:26 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-10-07 02:46:22 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-10-07 02:46:22 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-10-07 02:46:18 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-10-07 02:46:10 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-10-07 02:46:02 317952 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-10-07 02:45:12 40960 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-10-07 02:45:06 31744 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-10-07 02:45:00 38912 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-10-07 02:44:52 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-10-07 02:44:18 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-10-07 02:43:32 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-10-07 02:42:56 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-10-07 02:42:44 4023296 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-10-07 02:31:52 4174848 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-10-07 02:22:22 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-10-07 02:14:06 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2011-10-07 02:14:06 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-10-07 02:14:00 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-10-07 02:14:00 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
.
==================== Find3M ====================
.
2011-10-06 14:30:54 66048 ----a-w- C:\Windows\System32\OpenVideo64.dll
2011-10-06 14:30:48 56832 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2011-10-06 14:30:36 16787456 ----a-w- C:\Windows\System32\amdocl64.dll
2011-10-06 14:29:54 13753856 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-10-06 14:29:04 51200 ----a-w- C:\Windows\System32\OpenCL.dll
2011-10-06 14:29:00 43520 ----a-w- C:\Windows\SysWow64\OpenCL.dll
.
============= FINISH: 7:47:57.82 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
.
==== Disk Partitions =========================
.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
ACDSee Trial Version
Ad-Aware
Adobe Flash Player 10 Plugin
AMD VISION Engine Control Center
AnVir Task Manager Free
avast! Free Antivirus
Battlefield 3™
Battlelog Web Plugins
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
DC Universe Online
ESN Sonar
Google Chrome
Google Update Helper
HydraVision
Internet Download Manager
LightScribe System Software
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft Office XP Professional with FrontPage
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox (3.5.6)
Mumble 1.2.3
Nero 8 Essentials
neroxml
NVIDIA ForceWare Network Access Manager
ObjectDock Free
Origin
PCSX2 - Playstation 2 Emulator
Platform
PunkBuster Services
REALTEK Wireless LAN Driver and Utility
Spybot - Search & Destroy
Steam
VCRedistSetup
VIA Platform Device Manager
VLC media player 1.1.11
WinRAR archiver
.
==== End Of File ===========================
 
Welcome aboard


Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan:


On completion of the scan click "Save log", save it to your desktop and post in your next reply:


NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

=================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.



Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode (How to...)

2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
Ok, done. Will update if I hear the sound again. Here are the logs :)


aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-06 09:40:39
-----------------------------
09:40:39.825 OS Version: Windows x64 6.1.7601 Service Pack 1
09:40:39.825 Number of processors: 4 586 0x403
09:40:39.825 ComputerName: JAIME-PC UserName: Jaime
09:40:41.012 Initialize success
09:40:41.528 AVAST engine defs: 11110503
09:40:42.559 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000067
09:40:42.559 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
09:40:44.622 Disk 0 MBR read successfully
09:40:44.622 Disk 0 MBR scan
09:40:44.622 Disk 0 Windows 7 default MBR code
09:40:44.637 Service scanning
09:40:46.985 Modules scanning
09:40:46.985 Disk 0 trace - called modules:
09:40:47.001 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor.sys
09:40:47.001 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800474b060]
09:40:47.001 3 CLASSPNP.SYS[fffff8800196743f] -> nt!IofCallDriver -> [0xfffffa800365cab0]
09:40:47.001 5 ACPI.sys[fffff88000e7d7a1] -> nt!IofCallDriver -> \Device\00000067[0xfffffa80037d9060]
09:40:47.313 AVAST engine scan C:\Windows
09:40:51.129 AVAST engine scan C:\Windows\system32
09:42:06.630 AVAST engine scan C:\Windows\system32\drivers
09:42:14.630 AVAST engine scan C:\Users\Jaime
09:44:16.406 AVAST engine scan C:\ProgramData
09:44:44.751 Scan finished successfully
09:46:29.844 Disk 0 MBR has been saved successfully to "C:\Users\Jaime\Documents\SHOW THESE\next\MBR.dat"
09:46:29.844 The log file has been saved successfully to "C:\Users\Jaime\Documents\SHOW THESE\next\aswMBR.txt"


ComboFix 11-11-05.03 - Jaime 11/06/2011 9:57.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.63.1033.18.4095.1803 [GMT 8:00]
Running from: c:\users\Jaime\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Jaime\AppData\Local\Temp\7zS692E\HPSLPSVC64.DLL
c:\users\Jaime\AppData\Roaming\IDM\idmmzcc3
c:\users\Jaime\AppData\Roaming\IDM\idmmzcc3\chrome.manifest
c:\users\Jaime\AppData\Roaming\IDM\idmmzcc3\chrome\idmmzcc.jar
c:\users\Jaime\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
c:\users\Jaime\AppData\Roaming\IDM\idmmzcc3\components\iIDMMzCC.xpt
c:\users\Jaime\AppData\Roaming\IDM\idmmzcc3\install.js
c:\users\Jaime\AppData\Roaming\IDM\idmmzcc3\install.rdf
c:\users\Jaime\AppData\Roaming\IDM\idmmzcc3\META-INF\manifest.mf
c:\users\Jaime\AppData\Roaming\IDM\idmmzcc3\META-INF\zigbert.rsa
c:\users\Jaime\AppData\Roaming\IDM\idmmzcc3\META-INF\zigbert.sf
c:\users\Jaime\Desktop\Smart Virus Remover.lnk
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
((((((((((((((((((((((((( Files Created from 2011-10-06 to 2011-11-06 )))))))))))))))))))))))))))))))
.
.
2011-11-06 02:03 . 2011-11-06 02:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-05 12:08 . 2011-11-05 22:44 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-11-05 12:08 . 2011-11-05 12:29 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-11-05 10:31 . 2011-11-05 10:31 -------- d-----w- c:\programdata\ATI
2011-11-05 10:29 . 2011-11-05 10:29 -------- d-----w- c:\program files (x86)\AMD APP
2011-11-05 10:29 . 2011-11-05 10:29 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-11-05 10:28 . 2011-11-05 10:28 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-11-05 10:27 . 2011-11-05 10:28 -------- d-----w- c:\program files\ATI Technologies
2011-11-05 09:07 . 2011-11-05 09:07 -------- d-----w- c:\programdata\Malwarebytes
2011-11-05 09:07 . 2011-11-05 09:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-05 09:07 . 2011-08-31 09:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-05 08:09 . 2011-11-05 08:09 -------- d-----w- c:\program files (x86)\Smart Virus Remover
2011-11-05 03:56 . 2011-11-05 00:50 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-11-05 00:50 . 2011-11-05 00:50 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-11-05 00:26 . 2011-11-05 00:26 -------- dc----w- c:\windows\system32\DRVSTORE
2011-11-05 00:26 . 2011-11-03 04:06 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-11-05 00:26 . 2011-11-05 00:26 -------- d-----w- c:\program files (x86)\Lavasoft
2011-11-05 00:26 . 2011-11-05 00:26 -------- d-----w- c:\programdata\Lavasoft
2011-11-04 15:24 . 2011-11-05 03:56 -------- d-----w- c:\program files\Ragnarok Online
2011-11-03 23:49 . 2011-11-05 10:29 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-10-31 06:55 . 2011-10-31 06:55 -------- d--h--w- c:\windows\msdownld.tmp
2011-10-31 06:54 . 2011-10-31 06:55 -------- d-----w- c:\program files (x86)\PCSX2 0.9.8
2011-10-29 23:18 . 2011-10-29 23:18 -------- d-----w- c:\program files (x86)\uTorrent
2011-10-27 22:17 . 2011-10-27 22:17 -------- d-----w- c:\program files\AntiFreeze
2011-10-27 21:53 . 2011-10-27 21:53 -------- d-----w- c:\program files (x86)\AnVir Task Manager Free
2011-10-27 13:53 . 2011-10-27 13:53 -------- dc-h--w- c:\programdata\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
2011-10-27 13:53 . 2011-10-27 13:53 -------- d-----w- c:\program files (x86)\Stardock
2011-10-27 04:42 . 2011-10-27 04:42 -------- d-----w- c:\program files (x86)\Mumble
2011-10-27 03:23 . 2011-10-27 03:23 -------- d-----w- c:\program files\CPUID
2011-10-27 03:23 . 2010-11-09 07:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x64.sys
2011-10-26 13:21 . 2011-10-26 13:21 -------- d-----w- c:\program files (x86)\Bethesda Softworks
2011-10-26 12:59 . 2011-10-26 13:27 -------- d-----w- c:\program files (x86)\Black_Box
2011-10-26 04:31 . 2011-10-26 04:31 -------- d-----w- c:\program files (x86)\Microsoft ActiveSync
2011-10-26 04:26 . 2011-10-26 04:26 -------- d-----w- c:\program files (x86)\Common Files\LightScribe
2011-10-26 04:23 . 2011-10-26 04:25 -------- d-----w- c:\program files (x86)\Common Files\Nero
2011-10-26 04:23 . 2011-10-26 04:23 -------- d-----w- c:\programdata\Nero
2011-10-26 04:23 . 2011-10-26 04:23 -------- d-----w- c:\program files (x86)\Nero
2011-10-26 04:18 . 2011-10-26 04:18 -------- d-----w- c:\program files (x86)\VideoLAN
2011-10-26 03:51 . 2011-10-25 12:44 -------- d-----w- c:\windows\Panther
2011-10-26 03:06 . 2011-10-25 14:05 -------- d-----w- C:\Windows.old
2011-10-26 00:08 . 2011-11-04 15:18 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2011-10-26 00:02 . 2011-11-05 04:24 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-10-26 00:02 . 2011-10-26 00:02 -------- d-----w- c:\programdata\EA Core
2011-10-26 00:00 . 2010-03-31 03:10 450048 ----a-w- c:\windows\system32\drivers\rtl8187B.sys
2011-10-26 00:00 . 2010-01-07 03:20 448512 ----a-w- c:\windows\system32\drivers\rtl8187.sys
2011-10-26 00:00 . 2009-04-02 02:27 188416 ----a-w- c:\windows\SysWow64\RTLExtUI.dll
2011-10-26 00:00 . 2009-03-31 06:31 380928 ----a-w- c:\windows\RtlUI2.exe
2011-10-26 00:00 . 2008-07-01 04:31 614400 ----a-w- c:\windows\SysWow64\Rtlihvs.dll
2011-10-26 00:00 . 2011-10-26 00:00 -------- d-----w- c:\program files (x86)\REALTEK
2011-10-26 00:00 . 2010-12-01 01:31 451072 ----a-w- c:\windows\SysWow64\ISSRemoveSP.exe
2011-10-25 23:10 . 2011-10-25 23:10 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2011-10-25 23:10 . 2011-11-05 04:24 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-25 23:10 . 2011-11-05 00:46 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-10-25 23:10 . 2011-10-26 01:37 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-10-25 22:26 . 2011-10-26 00:01 -------- d-----w- c:\programdata\Origin
2011-10-25 22:26 . 2011-10-26 00:02 -------- d-----w- c:\programdata\Electronic Arts
2011-10-25 22:26 . 2011-10-25 22:47 -------- d-----w- c:\program files (x86)\Origin Games
2011-10-25 22:25 . 2011-10-25 22:37 -------- d-----w- c:\program files (x86)\Origin
2011-10-25 22:21 . 2011-09-06 20:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-25 22:21 . 2011-09-06 20:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-25 22:20 . 2011-09-06 20:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-25 22:20 . 2011-09-06 20:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-25 22:20 . 2011-09-06 20:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-25 22:20 . 2011-09-06 20:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-10-25 22:20 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-25 22:20 . 2011-09-06 20:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-10-25 14:35 . 2011-10-25 14:35 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-25 14:35 . 2011-10-25 14:35 -------- d-----w- c:\windows\SysWow64\Macromed
2011-10-25 14:00 . 2011-10-25 14:40 -------- d-----w- c:\program files (x86)\Google
2011-10-25 14:00 . 2011-09-06 20:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-25 13:58 . 2011-10-25 22:20 -------- d-----w- c:\programdata\AVAST Software
2011-10-25 13:58 . 2011-10-25 13:58 -------- d-----w- c:\program files\AVAST Software
2011-10-25 13:56 . 2011-11-05 07:53 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-10-25 13:56 . 2011-11-06 01:15 -------- d-----w- c:\program files (x86)\Steam
2011-10-25 13:29 . 2011-10-25 13:29 -------- d-----w- c:\program files (x86)\ACD Systems
2011-10-25 13:27 . 2011-10-25 13:28 -------- d-----w- c:\program files (x86)\Internet Download Manager
2011-10-25 13:21 . 2011-10-25 14:22 -------- d-----w- c:\program files (x86)\VIA
2011-10-25 13:21 . 2007-04-11 07:35 414632 ------w- c:\windows\difxapi.dll
2011-10-25 13:21 . 2011-10-25 13:21 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2011-10-25 13:18 . 2011-10-25 13:18 0 ----a-w- c:\windows\ativpsrm.bin
2011-10-25 13:04 . 2011-11-05 10:28 -------- d-----w- c:\programdata\AMD
2011-10-25 13:04 . 2010-02-18 01:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2011-10-25 12:58 . 2011-10-25 12:58 -------- d-----w- c:\program files\ATI
2011-10-25 12:52 . 2011-10-26 00:00 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-10-25 12:51 . 2011-10-25 12:51 -------- d-----w- c:\program files\NVIDIA Corporation
2011-10-25 12:51 . 2011-11-05 10:29 -------- d-sh--w- c:\windows\Installer
2011-10-25 12:50 . 2009-04-30 04:46 702976 ----a-r- c:\windows\system32\cohelper.dll
2011-10-25 12:50 . 2009-04-28 21:27 5940 ----a-r- c:\windows\system32\drivers\nvphy.bin
2011-10-25 12:50 . 2009-04-30 05:06 339360 ----a-w- c:\windows\system32\drivers\nvmf6264.sys
2011-10-25 12:50 . 2009-04-30 04:46 899584 ----a-w- c:\windows\system32\fdco1.dll
2011-10-25 12:50 . 2009-04-28 16:46 159232 ----a-w- c:\windows\system32\nvconrm.dll
2011-10-25 12:50 . 2009-04-26 01:32 506400 ----a-w- c:\windows\system32\NVUNINST.EXE
2011-10-25 12:44 . 2011-10-25 13:56 -------- d-----w- c:\users\Jaime
2011-10-25 12:43 . 2011-10-25 12:43 -------- d-----w- C:\Recovery
2011-10-25 11:04 . 2011-10-26 03:50 -------- d-----w- C:\Boot
2011-10-22 00:18 . 2011-10-25 12:55 -------- d-----w- C:\AMD
2011-10-19 14:14 . 2011-10-19 14:14 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-10-19 02:33 . 2011-10-19 02:33 -------- d-----w- C:\ATI
2011-10-07 05:21 . 2011-10-07 05:21 10207232 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-10-07 03:47 . 2011-10-07 03:47 24996864 ----a-w- c:\windows\system32\atio6axx.dll
2011-10-07 03:33 . 2011-10-07 03:33 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-10-07 03:33 . 2011-10-07 03:33 736768 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-10-07 03:32 . 2011-10-07 03:32 867328 ----a-w- c:\windows\system32\aticfx64.dll
2011-10-07 03:29 . 2011-10-07 03:29 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-10-07 03:29 . 2011-10-07 03:29 487936 ----a-w- c:\windows\system32\atieclxx.exe
2011-10-07 03:28 . 2011-10-07 03:28 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-10-07 03:27 . 2011-10-07 03:27 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-10-07 03:27 . 2011-10-07 03:27 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-10-07 03:26 . 2011-10-07 03:26 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-10-07 03:26 . 2011-10-07 03:26 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-10-07 03:26 . 2011-10-07 03:26 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-10-07 03:26 . 2011-10-07 03:26 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-10-07 03:26 . 2011-10-07 03:26 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-10-07 03:25 . 2011-10-07 03:25 18836992 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-10-07 03:23 . 2011-10-07 03:23 4231680 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-10-07 03:12 . 2011-10-07 03:12 4960768 ----a-w- c:\windows\system32\atidxx64.dll
2011-10-07 03:01 . 2011-10-07 03:01 4289024 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-10-07 02:54 . 2011-10-07 02:54 5431808 ----a-w- c:\windows\system32\atiumd64.dll
2011-10-07 02:53 . 2011-10-07 02:53 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-10-07 02:53 . 2011-10-07 02:53 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-10-07 02:52 . 2011-10-07 02:52 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-10-07 02:52 . 2011-10-07 02:52 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-10-07 02:52 . 2011-10-07 02:52 9809920 ----a-w- c:\windows\system32\aticaldd64.dll
2011-10-07 02:49 . 2011-10-07 02:49 8390656 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-10-07 02:46 . 2011-10-07 02:46 479744 ----a-w- c:\windows\system32\atiadlxx.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-06 14:30 . 2011-10-06 14:30 66048 ----a-w- c:\windows\system32\OpenVideo64.dll
2011-10-06 14:30 . 2011-10-06 14:30 56832 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2011-10-06 14:30 . 2011-10-06 14:30 16787456 ----a-w- c:\windows\system32\amdocl64.dll
2011-10-06 14:29 . 2011-10-06 14:29 13753856 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-10-06 14:29 . 2011-10-06 14:29 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-06 14:29 . 2011-10-06 14:29 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-10-29 641400]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2011-10-25 1242448]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-03-17 2387968]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2011-10-25 3171760]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2011-10-20 28651144]
"AnVir Task Manager Free"="c:\program files (x86)\AnVir Task Manager Free\AnVir.exe" [2009-09-28 1581280]
"AntiFreeze"="c:\program files\AntiFreeze\AntiFreeze.exe" [2007-12-16 139776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-06 343168]
"NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-10 2221352]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-21 2583040]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-7 3768176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-25 136176]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-25 136176]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-11-03 2152152]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-10-06 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-23 55424]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\REALTEK\Wireless LAN Utility\RtlService.exe [2010-04-16 36864]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-03-17 05:14 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-25 14:32]
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-25 14:32]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF8633.3XE" [2010-11-21 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
TCP: Interfaces\{A25C20DD-909D-442E-8477-39459A156D11}: NameServer = 210.4.2.61 202.78.97.41
FF - ProfilePath - c:\users\Jaime\AppData\Roaming\Mozilla\Firefox\Profiles\g4am3xke.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\SysWOW64\IoctlSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\REALTEK\Wireless LAN Utility\RtWlan.exe
c:\program files (x86)\REALTEK\Wireless LAN Utility\RTLDHCP.exe
.
**************************************************************************
.
Completion time: 2011-11-06 10:09:54 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-06 02:09
.
Pre-Run: 21,325,860,864 bytes free
Post-Run: 21,065,019,392 bytes free
.
- - End Of File - - 8370B4458A0D6C33FB3813250D84C5F1
 
Combofix log looks clean.

You're running two AV programs, Lavasoft Ad-Watch Live! Anti-Virus and Avast.
One of them has to go.
I suggest Lavasoft goes.

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
Uninstalled Adaware and here is the log


10:50:16.0823 2120 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49
10:50:17.0527 2120 ============================================================
10:50:17.0527 2120 Current date / time: 2011/11/06 10:50:17.0527
10:50:17.0527 2120 SystemInfo:
10:50:17.0527 2120
10:50:17.0527 2120 OS Version: 6.1.7601 ServicePack: 1.0
10:50:17.0527 2120 Product type: Workstation
10:50:17.0528 2120 ComputerName: JAIME-PC
10:50:17.0528 2120 UserName: Jaime
10:50:17.0528 2120 Windows directory: C:\Windows
10:50:17.0528 2120 System windows directory: C:\Windows
10:50:17.0528 2120 Running under WOW64
10:50:17.0528 2120 Processor architecture: Intel x64
10:50:17.0528 2120 Number of processors: 4
10:50:17.0528 2120 Page size: 0x1000
10:50:17.0528 2120 Boot type: Normal boot
10:50:17.0528 2120 ============================================================
10:50:18.0709 2120 Initialize success
10:50:20.0412 3556 ============================================================
10:50:20.0412 3556 Scan started
10:50:20.0412 3556 Mode: Manual;
10:50:20.0412 3556 ============================================================
10:50:21.0193 3556 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
10:50:21.0193 3556 1394ohci - ok
10:50:21.0240 3556 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
10:50:21.0240 3556 ACPI - ok
10:50:21.0255 3556 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
10:50:21.0255 3556 AcpiPmi - ok
10:50:21.0302 3556 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
10:50:21.0302 3556 adp94xx - ok
10:50:21.0349 3556 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
10:50:21.0349 3556 adpahci - ok
10:50:21.0365 3556 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
10:50:21.0365 3556 adpu320 - ok
10:50:21.0427 3556 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\Windows\system32\drivers\afd.sys
10:50:21.0427 3556 AFD - ok
10:50:21.0474 3556 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
10:50:21.0474 3556 agp440 - ok
10:50:21.0505 3556 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
10:50:21.0505 3556 aliide - ok
10:50:21.0584 3556 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
10:50:21.0584 3556 amdide - ok
10:50:21.0630 3556 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
10:50:21.0630 3556 amdiox64 - ok
10:50:21.0662 3556 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
10:50:21.0662 3556 AmdK8 - ok
10:50:21.0849 3556 amdkmdag (43bd304bb9f43973a75b37c6d7c88a83) C:\Windows\system32\DRIVERS\atikmdag.sys
10:50:21.0896 3556 amdkmdag - ok
10:50:21.0959 3556 amdkmdap (783f10e1cb8503b556e5a9df0a264031) C:\Windows\system32\DRIVERS\atikmpag.sys
10:50:21.0959 3556 amdkmdap - ok
10:50:22.0005 3556 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
10:50:22.0005 3556 AmdPPM - ok
10:50:22.0037 3556 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
10:50:22.0037 3556 amdsata - ok
10:50:22.0084 3556 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
10:50:22.0084 3556 amdsbs - ok
10:50:22.0099 3556 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
10:50:22.0099 3556 amdxata - ok
10:50:22.0287 3556 AODDriver4.01 (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
10:50:22.0287 3556 AODDriver4.01 - ok
10:50:22.0334 3556 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
10:50:22.0334 3556 AppID - ok
10:50:22.0380 3556 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
10:50:22.0380 3556 arc - ok
10:50:22.0396 3556 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
10:50:22.0396 3556 arcsas - ok
10:50:22.0459 3556 aswFsBlk (5a68b880c16ad5a6aa20b49a47ffff24) C:\Windows\system32\drivers\aswFsBlk.sys
10:50:22.0459 3556 aswFsBlk - ok
10:50:22.0505 3556 aswMonFlt (230613be2d3da8053879be5ed2848f2d) C:\Windows\system32\drivers\aswMonFlt.sys
10:50:22.0505 3556 aswMonFlt - ok
10:50:22.0521 3556 aswRdr (0dc1996ae4178d7d14744ef6b3082313) C:\Windows\system32\drivers\aswRdr.sys
10:50:22.0537 3556 aswRdr - ok
10:50:22.0552 3556 aswSnx (b6ff911c23775cdfdd49612d92637af4) C:\Windows\system32\drivers\aswSnx.sys
10:50:22.0552 3556 aswSnx - ok
10:50:22.0584 3556 aswSP (5a590d8516376aed1829fc07d3bdaa4b) C:\Windows\system32\drivers\aswSP.sys
10:50:22.0584 3556 aswSP - ok
10:50:22.0599 3556 aswTdi (3239c0082fb0c1c4ee323730b85690a5) C:\Windows\system32\drivers\aswTdi.sys
10:50:22.0599 3556 aswTdi - ok
10:50:22.0630 3556 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:50:22.0630 3556 AsyncMac - ok
10:50:22.0677 3556 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
10:50:22.0677 3556 atapi - ok
10:50:22.0740 3556 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
10:50:22.0740 3556 AtiHDAudioService - ok
10:50:22.0818 3556 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
10:50:22.0818 3556 b06bdrv - ok
10:50:22.0834 3556 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:50:22.0834 3556 b57nd60a - ok
10:50:22.0865 3556 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:50:22.0865 3556 Beep - ok
10:50:22.0927 3556 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
10:50:22.0927 3556 blbdrive - ok
10:50:22.0943 3556 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
10:50:22.0943 3556 bowser - ok
10:50:22.0959 3556 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
10:50:22.0959 3556 BrFiltLo - ok
10:50:22.0974 3556 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
10:50:22.0974 3556 BrFiltUp - ok
10:50:22.0990 3556 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:50:22.0990 3556 Brserid - ok
10:50:23.0005 3556 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:50:23.0005 3556 BrSerWdm - ok
10:50:23.0052 3556 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:50:23.0068 3556 BrUsbMdm - ok
10:50:23.0146 3556 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:50:23.0146 3556 BrUsbSer - ok
10:50:23.0162 3556 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
10:50:23.0162 3556 BTHMODEM - ok
10:50:23.0193 3556 catchme - ok
10:50:23.0224 3556 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:50:23.0224 3556 cdfs - ok
10:50:23.0271 3556 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
10:50:23.0271 3556 cdrom - ok
10:50:23.0302 3556 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
10:50:23.0302 3556 circlass - ok
10:50:23.0349 3556 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:50:23.0349 3556 CLFS - ok
10:50:23.0396 3556 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
10:50:23.0396 3556 CmBatt - ok
10:50:23.0412 3556 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
10:50:23.0412 3556 cmdide - ok
10:50:23.0427 3556 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
10:50:23.0443 3556 CNG - ok
10:50:23.0474 3556 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
10:50:23.0474 3556 Compbatt - ok
10:50:23.0505 3556 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
10:50:23.0505 3556 CompositeBus - ok
10:50:23.0568 3556 cpuz135 (262969a3fab32b9e17e63e2d17a57744) C:\Windows\system32\drivers\cpuz135_x64.sys
10:50:23.0568 3556 cpuz135 - ok
10:50:23.0584 3556 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
10:50:23.0584 3556 crcdisk - ok
10:50:23.0646 3556 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
10:50:23.0662 3556 CSC - ok
10:50:23.0709 3556 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
10:50:23.0709 3556 DfsC - ok
10:50:23.0724 3556 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:50:23.0724 3556 discache - ok
10:50:23.0755 3556 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
10:50:23.0755 3556 Disk - ok
10:50:23.0787 3556 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
10:50:23.0787 3556 dmvsc - ok
10:50:23.0849 3556 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:50:23.0849 3556 drmkaud - ok
10:50:23.0880 3556 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
10:50:23.0880 3556 DXGKrnl - ok
10:50:23.0959 3556 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
10:50:23.0974 3556 ebdrv - ok
10:50:24.0005 3556 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
10:50:24.0005 3556 elxstor - ok
10:50:24.0021 3556 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
10:50:24.0021 3556 ErrDev - ok
10:50:24.0052 3556 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:50:24.0052 3556 exfat - ok
10:50:24.0084 3556 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:50:24.0084 3556 fastfat - ok
10:50:24.0115 3556 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
10:50:24.0115 3556 fdc - ok
10:50:24.0146 3556 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:50:24.0146 3556 FileInfo - ok
10:50:24.0162 3556 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:50:24.0162 3556 Filetrace - ok
10:50:24.0177 3556 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
10:50:24.0177 3556 flpydisk - ok
10:50:24.0193 3556 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
10:50:24.0209 3556 FltMgr - ok
10:50:24.0240 3556 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:50:24.0240 3556 FsDepends - ok
10:50:24.0255 3556 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
10:50:24.0255 3556 Fs_Rec - ok
10:50:24.0271 3556 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:50:24.0271 3556 fvevol - ok
10:50:24.0302 3556 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
10:50:24.0302 3556 gagp30kx - ok
10:50:24.0334 3556 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:50:24.0334 3556 hcw85cir - ok
10:50:24.0396 3556 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
10:50:24.0396 3556 HdAudAddService - ok
10:50:24.0443 3556 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:50:24.0443 3556 HDAudBus - ok
10:50:24.0443 3556 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
10:50:24.0443 3556 HidBatt - ok
10:50:24.0474 3556 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
10:50:24.0474 3556 HidBth - ok
10:50:24.0490 3556 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
10:50:24.0490 3556 HidIr - ok
10:50:24.0537 3556 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
10:50:24.0537 3556 HidUsb - ok
10:50:24.0552 3556 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
10:50:24.0552 3556 HpSAMD - ok
10:50:24.0599 3556 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
10:50:24.0599 3556 HTTP - ok
10:50:24.0646 3556 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
10:50:24.0646 3556 hwpolicy - ok
10:50:24.0677 3556 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
10:50:24.0677 3556 i8042prt - ok
10:50:24.0724 3556 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
10:50:24.0724 3556 iaStorV - ok
10:50:24.0755 3556 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
10:50:24.0755 3556 iirsp - ok
10:50:24.0771 3556 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:50:24.0771 3556 intelide - ok
10:50:24.0802 3556 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
10:50:24.0802 3556 intelppm - ok
10:50:24.0818 3556 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:50:24.0818 3556 IpFilterDriver - ok
10:50:24.0818 3556 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:50:24.0818 3556 IPMIDRV - ok
10:50:24.0834 3556 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:50:24.0834 3556 IPNAT - ok
10:50:24.0865 3556 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:50:30.0130 3556 ============================================================
10:50:30.0130 3556 Scan finished
10:50:30.0130 3556 ============================================================
10:50:30.0146 4708 Detected object count: 0
10:50:30.0146 4708 Actual detected object count: 0
 
Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
THE LATEST ONE


OTL Extras logfile created on: 11/6/2011 11:32:37 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jaime\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Republic of the Philippines | Language: ENP | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.65 Gb Available Physical Memory | 66.27% Memory free
8.00 Gb Paging File | 6.03 Gb Available in Paging File | 75.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 19.98 Gb Free Space | 13.40% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 8.45 Gb Free Space | 5.67% Space Free | Partition Type: NTFS
Drive E: | 3.78 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JAIME-PC | User Name: Jaime | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{36EAEAF0-CDC5-F32F-01D2-C7D01EF96472}" = AMD AVIVO64 Codecs
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7FA24ACE-BF20-5570-F94A-3AE540223771}" = AMD Catalyst Install Manager
"{B305CEFC-93A1-EF99-BFEF-CF7985E88D03}" = ccc-utility64
"{D0D59644-6282-D7C8-0EE3-4DDD7245C84C}" = AMD Media Foundation Decoders
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DDB6F0B2-7EF7-8FD3-0B37-9C42DC9E1C74}" = AMD Drag and Drop Transcoding
"{F5C71398-0779-7AF2-4C7A-B7E1E0A622A2}" = AMD Fuel
"AntiFreeze_is1" = AntiFreeze 1.01
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.18
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0DF70CB6-553A-4C57-8E6D-876322ECFB78}" = REALTEK Wireless LAN Driver and Utility
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22764EFF-300F-8F3D-564D-7A4C4662D120}" = CCC Help Polish
"{2894AAC3-9A08-FF3A-6737-41A6178D0A09}" = CCC Help Chinese Standard
"{2C13F8C1-570B-42A9-87B4-8C7903ECD602}" = ObjectDock Free
"{3536AD21-940C-D198-DD10-078011A5C13B}" = CCC Help Thai
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{49D87A8F-D04F-7749-DD32-BDBF9B24B232}" = CCC Help Finnish
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{660C748F-A503-B771-7BD6-2D7C5AA1DBB4}" = CCC Help Dutch
"{6E03FAB5-6253-58B8-B939-AA83F64C3278}" = CCC Help Swedish
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7A75AFE3-A0C3-951D-4804-54721360FF90}" = CCC Help Hungarian
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{7FD7FB8C-2C75-4A8E-A236-EB23C5CD1033}" = Nero 8 Essentials
"{8BD626B2-7EFA-73E5-D50F-5BEDD5D99F3D}" = HydraVision
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F218882-4CF1-F411-111A-B9B68770C0CE}" = CCC Help Czech
"{A1EF8DA8-E0CB-C805-4ACA-B7C028CF36F2}" = CCC Help Italian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F27D99-8478-C124-8978-09595FA9D805}" = CCC Help Portuguese
"{AAB0D88E-85D7-22CC-6935-0D2247152700}" = CCC Help French
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{C104E9E6-F21E-2762-FBF0-6FE820B2D739}" = CCC Help Korean
"{C5632631-95E3-4DAF-2EB1-487EBE04DE19}" = AMD VISION Engine Control Center
"{C95E964C-FCF4-13DB-1445-4FA8062271F8}" = CCC Help Spanish
"{D7A8C334-7974-54A4-6533-EB84D19D7133}" = CCC Help English
"{D89F00EB-7868-A817-D618-AA446C0D56B3}" = CCC Help Chinese Traditional
"{D9AB20FE-5267-7A1A-2064-8F18969DF88D}" = CCC Help German
"{DA45F8EC-4226-EA6A-4DA9-F1148F801BDA}" = CCC Help Russian
"{DA7747E1-1F8D-BBC5-BE66-00B21BE5B81B}" = CCC Help Turkish
"{DADEC9BB-66FC-A3E4-8BC9-83E73BA1B5B2}" = CCC Help Greek
"{DD0FDF02-6AA4-8C7D-AAB0-4C8C7207C0C1}" = CCC Help Japanese
"{E0D5CB1C-7D35-709E-7F58-6CF6FFC3D6B7}" = Catalyst Control Center Graphics Previews Common
"{EB20F561-2AF5-0368-E353-AF093FBBADC2}" = CCC Help Norwegian
"{ECDE16E7-E3FC-F094-F14D-0326D03B9D96}" = Catalyst Control Center InstallProxy
"{F38AF6F6-059C-C683-826F-00539526D86D}" = CCC Help Danish
"{FCD58710-F023-E26C-6373-79C72FED0B90}" = Catalyst Control Center Localization All
"ACDSee Trial Version" = ACDSee Trial Version
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnVir Task Manager Free" = AnVir Task Manager Free
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"Internet Download Manager" = Internet Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"ObjectDock Free" = ObjectDock Free
"Origin" = Origin
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"PunkBusterSvc" = PunkBuster Services
"Steam App 24200" = DC Universe Online
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR archiver

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/5/2011 6:22:26 AM | Computer Name = Jaime-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "D:\OCT 25 BACKUP\My Documents\Downloads\Programs\SoftonicDownloader_for_hjsplit.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 11/5/2011 6:25:05 AM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/5/2011 6:30:38 AM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/5/2011 7:03:49 AM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/5/2011 6:38:35 PM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/5/2011 7:57:48 PM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/5/2011 9:39:49 PM | Computer Name = Jaime-PC | Source = Application Error | ID = 1000
Description = Faulting application name: hl2.exe, version: 0.0.0.0, time stamp:
0x4ea78f27 Faulting module name: filesystem_steam.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4ea790c9 Exception code: 0xc0000005 Fault offset: 0x6c9cf1e9 Faulting
process id: 0x1494 Faulting application start time: 0x01cc9c218ffc6eea Faulting application
path: c:\program files (x86)\steam\steamapps\jadariin2\team fortress 2\hl2.exe Faulting
module path: filesystem_steam.dll Report Id: 36b45df7-0818-11e1-9fe7-002522183aa8

Error - 11/5/2011 10:04:49 PM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/5/2011 10:22:36 PM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/5/2011 11:21:57 PM | Computer Name = Jaime-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Origin.exe, version: 8.3.1.9, time stamp:
0x4ea09629 Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp:
0x4ce7ba58 Exception code: 0xc0000374 Fault offset: 0x000ce653 Faulting process id:
0xb90 Faulting application start time: 0x01cc9c2af3a82306 Faulting application path:
C:\Program Files (x86)\Origin\Origin.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report
Id: 7b4eb06b-0826-11e1-9767-002522183aa8

[ System Events ]
Error - 11/5/2011 10:22:52 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 34001
Description =

Error - 11/5/2011 10:23:30 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 31004
Description =

Error - 11/5/2011 10:23:35 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 30013
Description =

Error - 11/5/2011 10:23:47 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 30013
Description =

Error - 11/5/2011 10:26:46 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 34001
Description =

Error - 11/5/2011 11:20:40 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 31004
Description =

Error - 11/5/2011 11:21:11 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 34001
Description =

Error - 11/5/2011 11:21:41 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 31004
Description =

Error - 11/5/2011 11:23:34 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 34001
Description =

Error - 11/5/2011 11:25:48 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 34001
Description =


< End of report >
 
OTL logfile created on: 11/6/2011 11:55:56 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jaime\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Republic of the Philippines | Language: ENP | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 58.42% Memory free
8.00 Gb Paging File | 5.77 Gb Available in Paging File | 72.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.04 Gb Total Space | 19.08 Gb Free Space | 12.80% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 8.45 Gb Free Space | 5.67% Space Free | Partition Type: NTFS
Drive E: | 3.78 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JAIME-PC | User Name: Jaime | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/06 11:29:39 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jaime\Downloads\OTL.exe
PRC - [2011/11/05 15:44:32 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/11/03 22:08:56 | 001,149,288 | ---- | M] (ESN Social Software AB) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
PRC - [2011/10/26 16:10:47 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011/10/26 09:37:26 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/10/25 21:58:44 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/10/25 21:28:10 | 003,171,760 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2011/09/07 04:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/07 04:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/01/13 18:26:26 | 001,196,032 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\REALTEK\Wireless LAN Utility\RtWLan.exe
PRC - [2010/10/07 04:28:12 | 003,768,176 | ---- | M] (Stardock) -- C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
PRC - [2010/09/06 19:42:10 | 000,221,184 | ---- | M] (Realtek) -- C:\Program Files (x86)\REALTEK\Wireless LAN Utility\RTLDHCP.exe
PRC - [2010/04/16 16:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files (x86)\REALTEK\Wireless LAN Utility\RtlService.exe
PRC - [2009/10/15 17:51:51 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2009/09/29 01:37:54 | 001,581,280 | ---- | M] (AnVir Software) -- C:\Program Files (x86)\AnVir Task Manager Free\AnVir.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2006/12/19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/05 15:44:31 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/11/05 15:44:26 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/11/05 15:44:26 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/11/05 15:44:26 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/11/05 15:44:26 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/10/26 16:10:46 | 000,420,920 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\ppgooglenaclpluginchrome.dll
MOD - [2011/10/26 16:10:45 | 003,702,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\pdf.dll
MOD - [2011/10/26 16:09:09 | 000,122,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\avutil-51.dll
MOD - [2011/10/26 16:09:07 | 000,222,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\avformat-53.dll
MOD - [2011/10/26 16:09:06 | 001,745,992 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\avcodec-53.dll
MOD - [2011/10/26 13:14:43 | 008,587,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\gcswf32.dll
MOD - [2011/02/19 13:47:14 | 000,129,192 | ---- | M] () -- C:\Program Files (x86)\Mumble\mumble_ol.dll
MOD - [2010/10/05 01:54:31 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\zlib.dll
MOD - [2010/10/05 01:54:29 | 000,807,936 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\CrashRpt.dll
MOD - [2010/10/05 01:54:29 | 000,675,840 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\DockShellHook.dll
MOD - [2010/10/05 01:54:22 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\Docklets\Clock\Clock.dll
MOD - [2009/03/17 11:09:56 | 007,331,840 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009/03/17 11:09:56 | 002,023,424 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009/03/17 11:09:42 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/10/07 11:28:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/10/06 23:27:18 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/09/07 04:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/04/19 08:34:48 | 000,625,184 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))
SRV:64bit: - [2009/04/19 08:34:48 | 000,207,904 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2011/11/05 15:44:32 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/10/26 09:37:26 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/04/16 16:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files (x86)\REALTEK\Wireless LAN Utility\RtlService.exe -- (Realtek11nSU)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2006/12/19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/10/07 13:21:40 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/07 10:46:02 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/07 04:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/09/07 04:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/09/07 04:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/09/07 04:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/09/07 04:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/09/07 04:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/06/24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011/06/07 06:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/11/21 11:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/21 11:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 11:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 11:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 11:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 11:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/21 11:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 11:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/21 11:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/01/07 11:20:22 | 000,448,512 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8187.sys -- (RTL8187)
DRV:64bit: - [2009/09/17 19:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 08:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/11 04:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/30 13:06:58 | 000,339,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-605152205-987019497-2644730799-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ph
IE - HKU\S-1-5-21-605152205-987019497-2644730799-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 25 4B 14 89 19 93 CC 01 [binary data]
IE - HKU\S-1-5-21-605152205-987019497-2644730799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1289
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.7

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/10/26 06:20:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/25 21:27:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/25 21:27:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Jaime\AppData\Roaming\IDM\idmmzcc3 [2011/11/06 10:22:47 | 000,000,000 | ---D | M]

[2011/10/25 21:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jaime\AppData\Roaming\Mozilla\Extensions
[2011/10/25 21:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jaime\AppData\Roaming\Mozilla\Firefox\Profiles\g4am3xke.default\extensions
[2011/10/25 21:27:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/26 06:20:54 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/11/06 10:22:47 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\JAIME\APPDATA\ROAMING\IDM\IDMMZCC3

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\Jaime\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\
CHR - Extension: Coderah Battlelog Mods = C:\Users\Jaime\AppData\Local\Google\Chrome\User Data\Default\Extensions\joebeijolffnafcbmphbeoingofelicj\2.2_0\

O1 HOSTS File: ([2011/11/06 10:05:01 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-605152205-987019497-2644730799-1000..\Run: [AntiFreeze] C:\Program Files\AntiFreeze\AntiFreeze.exe (Resplendence Software Projects Sp.)
O4 - HKU\S-1-5-21-605152205-987019497-2644730799-1000..\Run: [AnVir Task Manager Free] C:\Program Files (x86)\AnVir Task Manager Free\AnVir.exe (AnVir Software)
O4 - HKU\S-1-5-21-605152205-987019497-2644730799-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-605152205-987019497-2644730799-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-605152205-987019497-2644730799-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-605152205-987019497-2644730799-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-605152205-987019497-2644730799-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-605152205-987019497-2644730799-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A25C20DD-909D-442E-8477-39459A156D11}: NameServer = 210.4.2.61 202.78.97.41
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/21 10:17:02 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/06 10:46:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011/11/06 10:09:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/11/06 10:05:11 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011/11/06 09:56:24 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/11/06 09:56:24 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/11/06 09:56:24 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/11/06 09:56:20 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/11/06 09:55:44 | 004,284,686 | R--- | C] (Swearware) -- C:\Users\Jaime\Desktop\ComboFix.exe
[2011/11/06 09:54:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/06 09:45:13 | 000,000,000 | ---D | C] -- C:\Users\Jaime\Documents\Steps anti virus_files
[2011/11/06 07:31:57 | 000,000,000 | ---D | C] -- C:\Users\Jaime\Documents\SHOW THESE
[2011/11/05 20:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/11/05 20:08:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/11/05 20:08:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/11/05 19:07:51 | 000,000,000 | ---D | C] -- C:\Users\Jaime\Documents\topic58138_files
[2011/11/05 18:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/11/05 18:29:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/11/05 18:29:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011/11/05 18:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011/11/05 18:28:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/11/05 18:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/11/05 17:09:43 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Malwarebytes
[2011/11/05 17:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/05 17:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/05 17:07:11 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/05 17:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/05 16:29:39 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/11/05 16:09:11 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Virus Remover
[2011/11/05 16:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Virus Remover
[2011/11/05 08:50:57 | 000,055,384 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/11/05 08:26:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/11/05 08:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/11/04 23:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\Ragnarok Online
[2011/11/04 07:49:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011/11/03 00:11:51 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011/10/31 14:55:51 | 000,000,000 | ---D | C] -- C:\Users\Jaime\Documents\PCSX2
[2011/10/31 14:55:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011/10/31 14:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
[2011/10/31 14:54:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 0.9.8
[2011/10/30 07:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011/10/30 07:18:17 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\uTorrent
[2011/10/30 07:18:17 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\uTorrent
[2011/10/28 18:32:29 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\ESN Sonar
[2011/10/28 06:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiFreeze
[2011/10/28 06:17:49 | 000,000,000 | ---D | C] -- C:\Program Files\AntiFreeze
[2011/10/28 05:53:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Free
[2011/10/28 05:53:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnVir Task Manager Free
[2011/10/28 05:52:52 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\AnVir
[2011/10/27 21:53:26 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\ODUI
[2011/10/27 21:53:16 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Stardock
[2011/10/27 21:53:13 | 000,000,000 | ---D | C] -- C:\Users\Jaime\Documents\Stardock
[2011/10/27 21:53:11 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\Stardock
[2011/10/27 21:53:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
[2011/10/27 21:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
[2011/10/27 21:53:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock
[2011/10/27 21:52:55 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\PackageAware
[2011/10/27 12:48:54 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Mumble
[2011/10/27 12:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
[2011/10/27 12:42:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mumble
[2011/10/27 11:23:23 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2011/10/27 11:23:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2011/10/27 11:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2011/10/26 21:26:10 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\SKIDROW
[2011/10/26 21:21:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2011/10/26 20:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Black_Box
[2011/10/26 19:01:51 | 000,000,000 | ---D | C] -- C:\Users\Jaime\Documents\Wizards of the Coast
[2011/10/26 12:38:10 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\vlc
[2011/10/26 12:31:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
[2011/10/26 12:31:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ActiveSync
[2011/10/26 12:31:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Designer
[2011/10/26 12:29:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/10/26 12:26:52 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2011/10/26 12:26:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe
[2011/10/26 12:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
[2011/10/26 12:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/10/26 12:23:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2011/10/26 12:23:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2011/10/26 12:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/10/26 12:18:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/10/26 11:51:07 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/10/26 11:06:44 | 000,000,000 | ---D | C] -- C:\Windows.old
[2011/10/26 10:57:04 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/10/26 10:54:15 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/10/26 08:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2011/10/26 08:02:22 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\PunkBuster
[2011/10/26 08:02:17 | 000,000,000 | ---D | C] -- C:\Users\Jaime\Documents\Battlefield 3
[2011/10/26 08:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011/10/26 08:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK Wireless LAN Utility
[2011/10/26 08:00:10 | 000,380,928 | ---- | C] (Realtek) -- C:\Windows\RtlUI2.exe
[2011/10/26 08:00:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REALTEK
[2011/10/26 07:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
[2011/10/26 07:10:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2011/10/26 06:26:11 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Origin
[2011/10/26 06:26:10 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\Origin
[2011/10/26 06:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2011/10/26 06:26:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011/10/26 06:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2011/10/26 06:26:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011/10/26 06:25:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2011/10/26 06:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/10/26 06:21:01 | 000,301,912 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/10/26 06:21:01 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/10/26 06:20:59 | 000,601,944 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/10/26 06:20:59 | 000,065,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/10/26 06:20:59 | 000,058,200 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/10/26 06:20:59 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/10/26 06:20:54 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/10/26 06:20:54 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/10/25 22:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/10/25 22:35:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/10/25 22:20:32 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\WinRAR
[2011/10/25 22:00:23 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\Google
[2011/10/25 22:00:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011/10/25 22:00:07 | 000,254,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/10/25 21:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/10/25 21:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/10/25 21:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011/10/25 21:56:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/10/25 21:56:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011/10/25 21:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/10/25 21:46:21 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/10/25 21:46:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/10/25 21:45:56 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Macromedia
[2011/10/25 21:45:56 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Adobe
[2011/10/25 21:29:39 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2011/10/25 21:29:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
[2011/10/25 21:29:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ACD Systems
[2011/10/25 21:27:42 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\IDM
[2011/10/25 21:27:42 | 000,000,000 | ---D | C] -- C:\Users\Jaime\Documents\Downloads
[2011/10/25 21:27:42 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\DMCache
[2011/10/25 21:27:40 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2011/10/25 21:27:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2011/10/25 21:27:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2011/10/25 21:27:07 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Mozilla
[2011/10/25 21:27:07 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\Mozilla
[2011/10/25 21:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011/10/25 21:27:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/10/25 21:22:25 | 000,242,176 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2011/10/25 21:22:25 | 000,193,024 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2011/10/25 21:22:25 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2011/10/25 21:22:25 | 000,082,432 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2011/10/25 21:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2011/10/25 21:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011/10/25 21:21:04 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\AMD
[2011/10/25 21:20:24 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\ATI
[2011/10/25 21:20:24 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\ATI
[2011/10/25 21:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2011/10/25 20:58:56 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/10/25 20:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/10/25 20:52:29 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/10/25 20:51:58 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/10/25 20:51:18 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/10/25 20:48:04 | 000,000,000 | R--D | C] -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/10/25 20:48:04 | 000,000,000 | R--D | C] -- C:\Users\Jaime\Searches
[2011/10/25 20:48:04 | 000,000,000 | R--D | C] -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/10/25 20:48:03 | 000,000,000 | -H-D | C] -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/10/25 20:47:47 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Identities
[2011/10/25 20:47:31 | 000,000,000 | R--D | C] -- C:\Users\Jaime\Contacts
[2011/10/25 20:47:23 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\VirtualStore
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\AppData\Local\Temporary Internet Files
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\Templates
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\Start Menu
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\SendTo
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\Recent
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\PrintHood
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\NetHood
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\Documents\My Videos
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\Documents\My Pictures
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\Documents\My Music
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\My Documents
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\Local Settings
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\AppData\Local\History
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\Cookies
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\Application Data
[2011/10/25 20:44:23 | 000,000,000 | -HSD | C] -- C:\Users\Jaime\AppData\Local\Application Data
[2011/10/25 20:44:22 | 000,000,000 | --SD | C] -- C:\Users\Jaime\AppData\Roaming\Microsoft
[2011/10/25 20:44:22 | 000,000,000 | R--D | C] -- C:\Users\Jaime\Videos
[2011/10/25 20:44:22 | 000,000,000 | R--D | C] -- C:\Users\Jaime\Saved Games
[2011/10/25 20:44:22 | 000,000,000 | R--D | C] -- C:\Users\Jaime\Pictures
[2011/10/25 20:44:22 | 000,000,000 | R--D | C] -- C:\Users\Jaime\Music
[2011/10/25 20:44:22 | 000,000,000 | R--D | C] -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/10/25 20:44:22 | 000,000,000 | R--D | C] -- C:\Users\Jaime\Links
[2011/10/25 20:44:22 | 000,000,000 | R--D | C] -- C:\Users\Jaime\Favorites
[2011/10/25 20:44:22 | 000,000,000 | R--D | C] -- C:\Users\Jaime\Downloads
[2011/10/25 20:44:22 | 000,000,000 | R--D | C] -- C:\Users\Jaime\Documents
[2011/10/25 20:44:22 | 000,000,000 | R--D | C] -- C:\Users\Jaime\Desktop
[2011/10/25 20:44:22 | 000,000,000 | R--D | C] -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/10/25 20:44:22 | 000,000,000 | -H-D | C] -- C:\Users\Jaime\AppData
[2011/10/25 20:44:22 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\Temp
[2011/10/25 20:44:22 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Local\Microsoft
[2011/10/25 20:44:22 | 000,000,000 | ---D | C] -- C:\Users\Jaime\AppData\Roaming\Media Center Programs
[2011/10/25 20:43:13 | 000,000,000 | ---D | C] -- C:\Recovery
[2011/10/25 19:04:23 | 000,000,000 | ---D | C] -- C:\Boot
[2011/10/25 18:09:49 | 000,000,000 | ---D | C] -- C:\Users\Jaime\Documents\Ding
[2011/10/22 08:18:52 | 000,000,000 | ---D | C] -- C:\AMD
[2011/10/19 10:33:15 | 000,000,000 | ---D | C] -- C:\ATI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========

[2011/11/06 11:52:05 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/06 11:16:13 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/11/06 11:16:13 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/11/06 11:14:18 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/11/06 10:29:52 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/06 10:29:52 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/06 10:28:35 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/06 10:28:35 | 000,619,206 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/06 10:28:35 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/06 10:23:47 | 000,000,435 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011/11/06 10:22:34 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/06 10:22:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/06 10:22:23 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/06 10:05:01 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/11/06 09:55:45 | 004,284,686 | R--- | M] (Swearware) -- C:\Users\Jaime\Desktop\ComboFix.exe
[2011/11/06 09:45:15 | 000,094,660 | ---- | M] () -- C:\Users\Jaime\Documents\Steps anti virus.htm
[2011/11/05 20:08:17 | 000,001,282 | ---- | M] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/11/05 20:08:17 | 000,001,258 | ---- | M] () -- C:\Users\Jaime\Desktop\Spybot - Search & Destroy.lnk
[2011/11/05 19:38:56 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/11/05 19:38:56 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/11/05 19:08:16 | 000,092,338 | ---- | M] () -- C:\Users\Jaime\Documents\topic58138.html
[2011/11/05 17:07:14 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/05 08:50:56 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011/11/03 08:58:03 | 000,000,221 | ---- | M] () -- C:\Users\Jaime\Desktop\DC Universe Online.url
[2011/11/03 01:29:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/10/30 07:18:41 | 000,000,967 | ---- | M] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/10/28 05:53:00 | 000,001,023 | ---- | M] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\AnVir Task Manager Free.lnk
[2011/10/27 21:53:13 | 000,002,084 | ---- | M] () -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2011/10/27 12:51:54 | 000,002,377 | ---- | M] () -- C:\Users\Jaime\Documents\MumbleAutomaticCertificateBackup.p12
[2011/10/26 12:46:31 | 000,284,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/26 12:31:49 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2011/10/26 12:31:26 | 000,001,999 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2011/10/26 11:50:53 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011/10/26 11:50:46 | 000,000,368 | RHS- | M] () -- C:\Boot.ini.saved
[2011/10/26 11:02:03 | 000,116,385 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/10/26 11:02:03 | 000,116,385 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/10/26 09:37:26 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/10/26 06:20:59 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/10/25 22:40:22 | 000,002,239 | ---- | M] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/25 22:22:48 | 000,001,202 | ---- | M] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2011/10/25 21:27:04 | 000,001,963 | ---- | M] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/25 21:25:12 | 000,001,437 | ---- | M] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/25 21:18:39 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011/10/25 20:44:07 | 000,000,020 | RHS- | M] () -- C:\win7.ld
[2011/10/25 20:44:06 | 000,412,497 | RHS- | M] () -- C:\OQZCY
[2011/10/19 22:14:52 | 000,059,904 | ---- | M] () -- C:\Windows\SysWow64\OVDecode.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/06 09:56:24 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/06 09:56:24 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/06 09:56:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/06 09:56:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/06 09:56:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/06 09:45:13 | 000,094,660 | ---- | C] () -- C:\Users\Jaime\Documents\Steps anti virus.htm
[2011/11/06 07:56:42 | 000,002,084 | ---- | C] () -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
[2011/11/06 07:56:42 | 000,001,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2011/11/05 20:08:17 | 000,001,282 | ---- | C] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/11/05 20:08:17 | 000,001,258 | ---- | C] () -- C:\Users\Jaime\Desktop\Spybot - Search & Destroy.lnk
[2011/11/05 19:27:23 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011/11/05 19:27:23 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011/11/05 19:08:16 | 000,092,338 | ---- | C] () -- C:\Users\Jaime\Documents\topic58138.html
[2011/11/05 17:07:14 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/03 08:58:03 | 000,000,221 | ---- | C] () -- C:\Users\Jaime\Desktop\DC Universe Online.url
[2011/11/03 01:29:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/10/30 07:18:41 | 000,000,967 | ---- | C] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/10/28 05:53:00 | 000,001,023 | ---- | C] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\AnVir Task Manager Free.lnk
[2011/10/27 12:51:54 | 000,002,377 | ---- | C] () -- C:\Users\Jaime\Documents\MumbleAutomaticCertificateBackup.p12
[2011/10/26 12:31:49 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/10/26 12:31:26 | 000,002,673 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
[2011/10/26 12:31:26 | 000,002,657 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
[2011/10/26 12:31:26 | 000,002,655 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
[2011/10/26 12:31:26 | 000,002,625 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
[2011/10/26 12:31:26 | 000,002,623 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
[2011/10/26 12:31:26 | 000,002,611 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
[2011/10/26 11:00:54 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/10/26 10:59:58 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/10/26 10:52:14 | 3220,676,608 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/26 08:02:26 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/10/26 08:00:09 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011/10/26 07:10:34 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/10/26 07:10:34 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/10/26 07:10:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/10/25 22:40:22 | 000,002,239 | ---- | C] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/25 22:32:31 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/25 22:32:27 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/25 22:00:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011/10/25 21:27:04 | 000,001,963 | ---- | C] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/25 21:25:12 | 000,001,437 | ---- | C] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/25 21:22:55 | 000,001,214 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2011/10/25 21:22:55 | 000,001,202 | ---- | C] () -- C:\Users\Public\Desktop\HD VDeck.lnk
[2011/10/25 21:18:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/10/25 20:50:32 | 000,702,976 | R--- | C] () -- C:\Windows\SysNative\cohelper.dll
[2011/10/25 20:50:32 | 000,005,940 | R--- | C] () -- C:\Windows\SysNative\drivers\nvphy.bin
[2011/10/25 20:48:24 | 000,001,409 | ---- | C] () -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/10/25 20:48:12 | 000,001,443 | ---- | C] () -- C:\Users\Jaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/10/25 20:44:23 | 000,000,290 | ---- | C] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/10/25 20:44:23 | 000,000,272 | ---- | C] () -- C:\Users\Jaime\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/10/25 20:44:07 | 000,000,020 | RHS- | C] () -- C:\win7.ld
[2011/10/25 20:44:06 | 000,412,497 | RHS- | C] () -- C:\OQZCY
[2011/10/25 19:04:28 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2011/10/25 19:04:23 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2011/10/19 22:14:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/10/06 22:30:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/03/18 01:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/07/14 13:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 10:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 10:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 08:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 05:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/11/06 10:22:38 | 000,000,000 | ---D | M] -- C:\Users\Jaime\AppData\Roaming\DMCache
[2011/11/06 10:22:47 | 000,000,000 | ---D | M] -- C:\Users\Jaime\AppData\Roaming\IDM
[2011/11/06 11:32:04 | 000,000,000 | ---D | M] -- C:\Users\Jaime\AppData\Roaming\Mumble
[2011/10/26 06:40:54 | 000,000,000 | ---D | M] -- C:\Users\Jaime\AppData\Roaming\Origin
[2011/10/27 21:53:16 | 000,000,000 | ---D | M] -- C:\Users\Jaime\AppData\Roaming\Stardock
[2011/11/06 11:32:17 | 000,000,000 | ---D | M] -- C:\Users\Jaime\AppData\Roaming\uTorrent
[2009/07/14 13:08:49 | 000,013,432 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< OTL Extras logfile created on: 11/6/2011 11:32:37 AM - Run 1 >

< OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jaime\Downloads >

< 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation >

< Internet Explorer (Version = 8.0.7601.17514) >

< Locale: 00000409 | Country: Republic of the Philippines | Language: ENP | Date Format: M/d/yyyy >

< >

< 4.00 Gb Total Physical Memory | 2.65 Gb Available Physical Memory | 66.27% Memory free >

< 8.00 Gb Paging File | 6.03 Gb Available in Paging File | 75.44% Paging File free >

< Paging file location(s): ?:\pagefile.sys [binary data] >

< >

< %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) >

< Drive C: | 149.04 Gb Total Space | 19.98 Gb Free Space | 13.40% Space Free | Partition Type: NTFS >

< Drive D: | 149.04 Gb Total Space | 8.45 Gb Free Space | 5.67% Space Free | Partition Type: NTFS >

< Drive E: | 3.78 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF >

< >

< Computer Name: JAIME-PC | User Name: Jaime | Logged in as Administrator. >

< Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans >

< Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days >

< >

< ========== Extra Registry (SafeList) ========== >

< >

< >

< ========== File Associations ========== >

< >

< 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] >

< .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) >

< >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] >

< .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) >

< >

< [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] >

< .html [@ = ChromeHTML] -- Reg Error: Key error. File not found >

< >

< ========== Shell Spawning ========== >

< >

< 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] >

< batfile [open] -- "%1" %* >

< cmdfile [open] -- "%1" %* >

< comfile [open] -- "%1" %* >

< exefile [open] -- "%1" %* >

< helpfile [open] -- Reg Error: Key error. >

< htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) >

< inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) >

< InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) >

< InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) >

< piffile [open] -- "%1" %* >

< regfile [merge] -- Reg Error: Key error. >

< scrfile [config] -- "%1" >

< scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l >

< scrfile [open] -- "%1" /S >

< txtfile [edit] -- Reg Error: Key error. >

< Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 >

< Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () >

< Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) >

< Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) >

< Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () >

< Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) >

< Folder [explore] -- Reg Error: Value error. >

< Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) >

< >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] >

< batfile [open] -- "%1" %* >

< cmdfile [open] -- "%1" %* >

< comfile [open] -- "%1" %* >

< cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) >

< exefile [open] -- "%1" %* >

< helpfile [open] -- Reg Error: Key error. >

< piffile [open] -- "%1" %* >

< regfile [merge] -- Reg Error: Key error. >

< scrfile [config] -- "%1" >

< scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l >

< scrfile [open] -- "%1" /S >

< txtfile [edit] -- Reg Error: Key error. >

< Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 >

< Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () >

< Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) >

< Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) >

< Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () >

< Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) >

< Folder [explore] -- Reg Error: Value error. >

< Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) >

< >

< ========== Security Center Settings ========== >

< >

< 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] >

< "cval" = 1 >

< "FirewallDisableNotify" = 0 >

< "AntiVirusDisableNotify" = 0 >

< "UpdatesDisableNotify" = 0 >

< >

< 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] >

< >

< 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] >

< "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] >

< "AntiVirusOverride" = 0 >

< "AntiSpywareOverride" = 0 >

< "FirewallOverride" = 0 >

< >

< 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] >

< >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] >

< "FirewallDisableNotify" = 0 >

< "AntiVirusDisableNotify" = 0 >

< "UpdatesDisableNotify" = 0 >

< >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] >

< >

< ========== System Restore Settings ========== >

< >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] >

< "DisableSR" = 0 >

< >

< ========== Firewall Settings ========== >

< >

< 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] >
 
< >

< 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] >

< >

< 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] >

< >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] >

< >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] >

< >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] >

< >

< [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] >

< "EnableFirewall" = 1 >

< "DisableNotifications" = 0 >

< >

< [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] >

< "EnableFirewall" = 1 >

< "DisableNotifications" = 0 >

< >

< [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] >

< >

< [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] >

< "EnableFirewall" = 1 >

< "DisableNotifications" = 0 >

< >

< ========== Authorized Applications List ========== >

< >

< [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] >

< >

< [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] >

< >

< >

< ========== HKEY_LOCAL_MACHINE Uninstall List ========== >

< >

< 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] >

< "{36EAEAF0-CDC5-F32F-01D2-C7D01EF96472}" = AMD AVIVO64 Codecs >

< "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime >

< "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager >

< "{7FA24ACE-BF20-5570-F94A-3AE540223771}" = AMD Catalyst Install Manager >

< "{B305CEFC-93A1-EF99-BFEF-CF7985E88D03}" = ccc-utility64 >

< "{D0D59644-6282-D7C8-0EE3-4DDD7245C84C}" = AMD Media Foundation Decoders >

< "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 >

< "{DDB6F0B2-7EF7-8FD3-0B37-9C42DC9E1C74}" = AMD Drag and Drop Transcoding >

< "{F5C71398-0779-7AF2-4C7A-B7E1E0A622A2}" = AMD Fuel >

< "AntiFreeze_is1" = AntiFreeze 1.01 >

< "CPUID HWMonitor_is1" = CPUID HWMonitor 1.18 >

< "NVIDIA Drivers" = NVIDIA Drivers >

< >

< [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] >

< "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam >

< "{0DF70CB6-553A-4C57-8E6D-876322ECFB78}" = REALTEK Wireless LAN Driver and Utility >

< "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 >

< "{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding >

< "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 >

< "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform >

< "{22764EFF-300F-8F3D-564D-7A4C4662D120}" = CCC Help Polish >

< "{2894AAC3-9A08-FF3A-6737-41A6178D0A09}" = CCC Help Chinese Standard >

< "{2C13F8C1-570B-42A9-87B4-8C7903ECD602}" = ObjectDock Free >

< "{3536AD21-940C-D198-DD10-078011A5C13B}" = CCC Help Thai >

< "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup >

< "{49D87A8F-D04F-7749-DD32-BDBF9B24B232}" = CCC Help Finnish >

< "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml >

< "{660C748F-A503-B771-7BD6-2D7C5AA1DBB4}" = CCC Help Dutch >

< "{6E03FAB5-6253-58B8-B939-AA83F64C3278}" = CCC Help Swedish >

< "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ >

< "{7A75AFE3-A0C3-951D-4804-54721360FF90}" = CCC Help Hungarian >

< "{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software >

< "{7FD7FB8C-2C75-4A8E-A236-EB23C5CD1033}" = Nero 8 Essentials >

< "{8BD626B2-7EFA-73E5-D50F-5BEDD5D99F3D}" = HydraVision >

< "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage >

< "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 >

< "{9F218882-4CF1-F411-111A-B9B68770C0CE}" = CCC Help Czech >

< "{A1EF8DA8-E0CB-C805-4ACA-B7C028CF36F2}" = CCC Help Italian >

< "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper >

< "{A9F27D99-8478-C124-8978-09595FA9D805}" = CCC Help Portuguese >

< "{AAB0D88E-85D7-22CC-6935-0D2247152700}" = CCC Help French >

< "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy >

< "{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3 >

< "{C104E9E6-F21E-2762-FBF0-6FE820B2D739}" = CCC Help Korean >

< "{C5632631-95E3-4DAF-2EB1-487EBE04DE19}" = AMD VISION Engine Control Center >

< "{C95E964C-FCF4-13DB-1445-4FA8062271F8}" = CCC Help Spanish >

< "{D7A8C334-7974-54A4-6533-EB84D19D7133}" = CCC Help English >

< "{D89F00EB-7868-A817-D618-AA446C0D56B3}" = CCC Help Chinese Traditional >

< "{D9AB20FE-5267-7A1A-2064-8F18969DF88D}" = CCC Help German >

< "{DA45F8EC-4226-EA6A-4DA9-F1148F801BDA}" = CCC Help Russian >

< "{DA7747E1-1F8D-BBC5-BE66-00B21BE5B81B}" = CCC Help Turkish >

< "{DADEC9BB-66FC-A3E4-8BC9-83E73BA1B5B2}" = CCC Help Greek >

< "{DD0FDF02-6AA4-8C7D-AAB0-4C8C7207C0C1}" = CCC Help Japanese >

< "{E0D5CB1C-7D35-709E-7F58-6CF6FFC3D6B7}" = Catalyst Control Center Graphics Previews Common >

< "{EB20F561-2AF5-0368-E353-AF093FBBADC2}" = CCC Help Norwegian >

< "{ECDE16E7-E3FC-F094-F14D-0326D03B9D96}" = Catalyst Control Center InstallProxy >

< "{F38AF6F6-059C-C683-826F-00539526D86D}" = CCC Help Danish >

< "{FCD58710-F023-E26C-6373-79C72FED0B90}" = Catalyst Control Center Localization All >

< "ACDSee Trial Version" = ACDSee Trial Version >

< "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin >

< "AnVir Task Manager Free" = AnVir Task Manager Free >

< "avast" = avast! Free Antivirus >

< "Battlelog Web Plugins" = Battlelog Web Plugins >

< "ESN Sonar-0.70.4" = ESN Sonar >

< "Google Chrome" = Google Chrome >

< "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager >

< "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager >

< "Internet Download Manager" = Internet Download Manager >

< "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300 >

< "Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6) >

< "ObjectDock Free" = ObjectDock Free >

< "Origin" = Origin >

< "pcsx2-r4600" = PCSX2 - Playstation 2 Emulator >

< "PunkBusterSvc" = PunkBuster Services >

< "Steam App 24200" = DC Universe Online >

< "uTorrent" = µTorrent >

< "VLC media player" = VLC media player 1.1.11 >

< "WinRAR archiver" = WinRAR archiver >

< >

< ========== Last 10 Event Log Errors ========== >

< >

< [ Application Events ] >

< Error - 11/5/2011 6:22:26 AM | Computer Name = Jaime-PC | Source = SideBySide | ID = 16842832 >

< Description = Activation context generation failed for "D:\OCT 25 BACKUP\My Documents\Downloads\Programs\SoftonicDownloader_for_hjsplit.exe".Error >

< in manifest or policy file "" on line . A component version required by the application >

< conflicts with another component version already active. Conflicting components >

< are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. >

< Component >

< 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. >

< >

< Error - 11/5/2011 6:25:05 AM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10 >

< Description = >

< >

< Error - 11/5/2011 6:30:38 AM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10 >

< Description = >

< >

< Error - 11/5/2011 7:03:49 AM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10 >

< Description = >

< >

< Error - 11/5/2011 6:38:35 PM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10 >

< Description = >

< >

< Error - 11/5/2011 7:57:48 PM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10 >

< Description = >

< >

< Error - 11/5/2011 9:39:49 PM | Computer Name = Jaime-PC | Source = Application Error | ID = 1000 >

< Description = Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: >

< 0x4ea78f27 Faulting module name: filesystem_steam.dll_unloaded, version: 0.0.0.0, >

< time stamp: 0x4ea790c9 Exception code: 0xc0000005 Fault offset: 0x6c9cf1e9 Faulting >

< process id: 0x1494 Faulting application start time: 0x01cc9c218ffc6eea Faulting application >

< path: c:\program files (x86)\steam\steamapps\jadariin2\team fortress 2\hl2.exe Faulting >

< module path: filesystem_steam.dll Report Id: 36b45df7-0818-11e1-9fe7-002522183aa8 >

< >

< Error - 11/5/2011 10:04:49 PM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10 >

< Description = >

< >

< Error - 11/5/2011 10:22:36 PM | Computer Name = Jaime-PC | Source = WinMgmt | ID = 10 >

< Description = >

< >

< Error - 11/5/2011 11:21:57 PM | Computer Name = Jaime-PC | Source = Application Error | ID = 1000 >

< Description = Faulting application name: Origin.exe, version: 8.3.1.9, time stamp: >

< 0x4ea09629 Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: >

< 0x4ce7ba58 Exception code: 0xc0000374 Fault offset: 0x000ce653 Faulting process id: >

< 0xb90 Faulting application start time: 0x01cc9c2af3a82306 Faulting application path: >

< C:\Program Files (x86)\Origin\Origin.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll >

< Report >

< Id: 7b4eb06b-0826-11e1-9767-002522183aa8 >

< >

< [ System Events ] >

< Error - 11/5/2011 10:22:52 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 34001 >

< Description = >

< >

< Error - 11/5/2011 10:23:30 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 31004 >

< Description = >

< >

< Error - 11/5/2011 10:23:35 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 30013 >

< Description = >

< >

< Error - 11/5/2011 10:23:47 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 30013 >

< Description = >

< >

< Error - 11/5/2011 10:26:46 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 34001 >

< Description = >

< >

< Error - 11/5/2011 11:20:40 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 31004 >

< Description = >

< >

< Error - 11/5/2011 11:21:11 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 34001 >

< Description = >

< >

< Error - 11/5/2011 11:21:41 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 31004 >

< Description = >

< >

< Error - 11/5/2011 11:23:34 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 34001 >

< Description = >

< >

< Error - 11/5/2011 11:25:48 PM | Computer Name = Jaime-PC | Source = ipnathlp | ID = 34001 >

< Description = >

< >

< >

< < End of report > >

< End of report >
 
Looks clean.

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If ESET doesn't find any threats, it won't produce any log.
 
Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Adobe Flash Player ( 10.3.183.10) Flash Player Out of Date!
Mozilla Firefox (3.5.6) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Spybot Teatimer.exe is disabled!
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
``````````End of Log````````````


I haven't run ESET yet since the site won't load for me. Anyway, I've managed to take a screenie which shows my PC automatically copying some files. It's been like that since the problem started, but it wasn't like that before. Maybe it can offer some clues?

suspicious.jpg
 
I haven't run ESET yet since the site won't load for me.
Try a different browser.

Also...

Download Bootkit Remover to your Desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on remover.exe to run the program (Vista/7 users, right-click on remover.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.
 
Here they are. It's still there.

Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Ultimate Edition Service Pack 1 (build 7601), 64-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
ATA_Read(): DeviceIoControl() ERROR 1
Boot sector MD5 is: bb4f1627d8b9beda49ac0d010229f3ff

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


Done;
Press any key to quit...


C:\Windows.old\Documents and Settings\Jaime\Local Settings\Temp\ICReinstall\cnet_powerpoint_to_pdf_converter_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Jaime\Local Settings\Temp\ICReinstall\Facemoods.exe probably a variant of Win32/InstallCore.A application cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Jaime\My Documents\Downloads\Programs\cnet_powerpoint_to_pdf_converter_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Jaime\My Documents\Downloads\Programs\SoftonicDownloader_for_hjsplit.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
D:\OCT 25 BACKUP\My Documents\Downloads\Programs\cnet_powerpoint_to_pdf_converter_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
D:\OCT 25 BACKUP\My Documents\Downloads\Programs\SoftonicDownloader_for_hjsplit.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
 
At this point your computer is perfectly clean, so your issue can't be malware related.

Go Start>Run (Start Search in Vista), type in:
msconfig
Click OK (hit Enter in Vista).

Click on Startup tab.
Click Disable all
IMPORTANT! In case of a laptop, make sure you do NOT disable any keyboard or touchpad entries.

Click Services tab.
Put checkmark in Hide all Microsoft services
Click Disable all.

Click OK.
Restart computer in Normal Mode.

NOTE. If you use a different firewall than Windows Firewall, turn Windows Firewall on just for this test, since your regular firewall won't be running.
If you use Windows firewall, you're fine.

Same problem?
 
I'm using Win7. I did what you said but enabled some of the basic processes I need to use for this PC. Since the sound is random, I'm going to update you if I hear it again. At least I know my PC is clean *phew* :) I can't seem to enable avast now though. All shields are down.
 
I think you misunderstood me.
What I posted in my previous reply is for testing purposes only.
Obviously some programs (for the period of testing time) will be disabled.

All I want you to do is to strictly follow my previous reply and let me know if the issue is present.
We'll go from there.
 
OK, surely not an infection but one of your legit startups.

For now.....

Go back to "msconfig" and reverse all changes you just made.
As I said it was for testing purposes only.

Then complete final cleaning steps and when you're done we'll go back to your issue.

Your computer is clean

1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point using the following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now we'll remove all the tools we used during our cleaning process.

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. (Windows XP only) Run defrag at your convenience.

11. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please let me know how your computer is doing.
 