System running slowly from time to time [Closed]



#1
vid

Hi, I have faced this problem since a few days back. My system would become slow suddenly even without running any program. It would take 2 - 3 minutes to respond and I have to restart my system to get it back to normal again, and the problem comes and goes. Having scanned with AVG and Ad-Aware, nothing was found. It would be good if anyone could help me see if my system is infected with a virus, spyware or malware. Below is my OTL log.


OTL logfile created on: 15/6/2012 1:01:39 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Vid\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy

7.96 Gb Total Physical Memory | 5.49 Gb Available Physical Memory | 68.90% Memory free
15.92 Gb Paging File | 13.22 Gb Available in Paging File | 83.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195.21 Gb Total Space | 114.31 Gb Free Space | 58.56% Space Free | Partition Type: NTFS
Drive D: | 736.20 Gb Total Space | 670.82 Gb Free Space | 91.12% Space Free | Partition Type: NTFS

Computer Name: VID-PC | User Name: Vid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/15 12:51:40 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Vid\Desktop\OTL.exe
PRC - [2012/06/11 00:29:17 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
PRC - [2012/06/08 12:12:17 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/05/03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2012/05/03 18:37:50 | 020,221,792 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAware.exe
PRC - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2012/03/15 13:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2012/02/28 19:09:14 | 001,678,576 | ---- | M] (Funshion Online Technologies Ltd.) -- C:\Program Files (x86)\Funshion Online\Funshion\FunshionService.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/01/05 19:59:50 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/01/03 21:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2011/12/16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/12/16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/12/16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2011/10/21 17:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/11/20 20:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/11/17 09:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/11/15 19:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010/11/15 19:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
PRC - [2010/09/07 17:46:56 | 000,072,280 | R--- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe
PRC - [2010/04/22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
PRC - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
PRC - [2007/11/20 16:53:36 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Lycosa\razerhid.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/11 00:29:16 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
MOD - [2012/06/08 12:12:17 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/28 19:06:38 | 000,167,152 | ---- | M] () -- C:\Program Files (x86)\Funshion Online\Funshion\ptv.dll
MOD - [2012/02/28 19:06:36 | 000,231,152 | ---- | M] () -- C:\Program Files (x86)\Funshion Online\Funshion\ttv.dll
MOD - [2012/02/28 19:06:34 | 000,241,904 | ---- | M] () -- C:\Program Files (x86)\Funshion Online\Funshion\fptassrv.dll
MOD - [2012/02/28 19:06:32 | 000,287,472 | ---- | M] () -- C:\Program Files (x86)\Funshion Online\Funshion\lsv.dll
MOD - [2012/02/28 19:06:30 | 000,288,496 | ---- | M] () -- C:\Program Files (x86)\Funshion Online\Funshion\agentd.dll
MOD - [2012/02/28 19:05:28 | 000,135,920 | ---- | M] () -- C:\Program Files (x86)\Funshion Online\Funshion\gma.dll
MOD - [2012/02/28 19:05:24 | 000,305,392 | ---- | M] () -- C:\Program Files (x86)\Funshion Online\Funshion\dump.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/01/10 22:09:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2011/12/08 16:38:24 | 000,607,456 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel® Capability Licensing Service Interface) Intel®
SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/06/11 00:29:17 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/08 12:12:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2012/03/15 13:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/03 21:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2011/12/16 12:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2011/12/16 12:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2011/12/16 11:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) Intel®
SRV - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/11/15 19:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010/09/07 17:46:56 | 000,072,280 | R--- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009/06/17 16:13:06 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/01/10 22:09:44 | 002,184,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012/01/06 16:59:48 | 000,084,608 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2012/01/06 16:59:48 | 000,059,392 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2012/01/05 19:58:48 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) Intel®
DRV:64bit: - [2012/01/05 19:58:48 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) Intel®
DRV:64bit: - [2012/01/05 19:58:48 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) Intel®
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/12/19 12:44:24 | 000,256,632 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2011/12/19 12:44:24 | 000,084,600 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sbwtis.sys -- (sbwtis)
DRV:64bit: - [2011/12/19 12:44:24 | 000,060,536 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2011/11/29 06:59:46 | 000,074,872 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2011/11/10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2011/11/10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2011/10/26 14:23:36 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbredrv.sys -- (SBRE)
DRV:64bit: - [2011/09/29 12:16:18 | 000,119,416 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV:64bit: - [2011/09/29 12:16:18 | 000,119,416 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2011/08/12 06:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 21:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 19:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/19 10:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/11/19 10:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/09/07 10:37:28 | 000,121,432 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010/07/15 20:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/04/27 11:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010/03/04 21:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/01/17 16:51:44 | 000,018,816 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Lycosa.sys -- (Lycosa)
DRV - [2012/06/15 11:55:24 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011/10/26 14:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011/10/20 08:06:29 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://xin.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-SG
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 64 BE 26 5C 74 48 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {F9E29111-7277-40de-92B3-6934CB647E93}
IE - HKCU\..\SearchScopes\{8D188141-E255-43ed-9E79-AB3F4C3C86CC}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2}: "URL" = http://www.baidu.com...shion010_oem_dg
IE - HKCU\..\SearchScopes\{DA95C7AA-EBA5-4a69-A90C-3C4C989DA028}: "URL" = http://sg.search.yah...evm&type=IEBDSV
IE - HKCU\..\SearchScopes\{F9E29111-7277-40de-92B3-6934CB647E93}: "URL" = http://www.bing.com/...=SPLBR1&pc=SPLH
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/05/29 14:50:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/16 08:27:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012/05/17 19:11:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012/05/17 19:11:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/08 12:12:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/08 12:12:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/10/20 13:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vid\AppData\Roaming\Mozilla\Extensions
[2012/05/02 19:11:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vid\AppData\Roaming\Mozilla\Firefox\Profiles\4o0hy9v1.default\extensions
[2012/02/17 16:07:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/05 19:23:44 | 000,345,491 | ---- | M] () (No name found) -- C:\USERS\VID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4O0HY9V1.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011/10/20 18:25:26 | 000,039,611 | ---- | M] () (No name found) -- C:\USERS\VID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4O0HY9V1.DEFAULT\EXTENSIONS\{DB9127A2-3381-41EC-82B3-1B6ED4C6F29A}.XPI
[2012/06/08 12:12:18 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/29 08:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/11 16:26:54 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/11 05:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (48DD4A06-23CB-D599-A26A-2EB8ADFF89F2 Class) - {48DD4A06-23CB-D599-A26A-2EB8ADFF89F2} - C:\Program Files (x86)\Funshion Online\Funshion\FunshionAddr\funshionAddr.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Vid\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Lycosa] C:\Program Files (x86)\Razer\Lycosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Razer Mamba Driver] C:\Program Files (x86)\Razer\Mamba\RazerTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKCU..\Run: [Funshion] C:\Program Files (x86)\Funshion Online\Funshion\Funshion.exe (Funshion Online Technologies Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all by FlashGet3 - C:\Users\Vid\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Download by FlashGet3 - C:\Users\Vid\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Vid\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Vid\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CBDB900-31FF-4F83-AF8A-F8E3D3471995}: DhcpNameServer = 192.168.11.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8398D08D-2728-4087-B879-39C7F032FA24}: DhcpNameServer = 192.168.11.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/15 12:51:33 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Vid\Desktop\OTL.exe
[2012/06/15 11:08:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/06/15 09:16:05 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{B664E772-3765-4C18-BC5D-1E31C969CA7A}
[2012/06/14 20:07:46 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{F1EC2A68-48AB-4D6F-8BC8-9D1BBBBE844F}
[2012/06/14 20:07:35 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{812E9275-0CCF-4EE4-8D40-08B2D6B67CF1}
[2012/06/14 08:06:59 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{80AFF2DB-189E-4B8F-BDD3-A799EF615C0F}
[2012/06/14 08:06:47 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{A2E653F9-ADED-4CB0-9AAA-F540DA13260E}
[2012/06/13 20:06:33 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{F5B6B09A-6C6F-4B13-8C89-B28C9DD65E48}
[2012/06/13 20:06:21 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{87FD67DA-EA51-4A24-8CE1-E54A229346DF}
[2012/06/13 08:05:50 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{B4D71398-6C22-41EE-8961-70E4A095FE0C}
[2012/06/13 08:05:38 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{89F6FECD-9195-4F0E-9FB8-3480EB8BE671}
[2012/06/12 20:05:24 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{B49F1805-4008-468D-8629-35875CBC69C1}
[2012/06/12 20:05:12 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{207EAD3C-6908-412B-863D-92C9859AEBFB}
[2012/06/12 08:04:47 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{BAAB1A2A-C587-4ECC-8677-362D82BDEDD0}
[2012/06/12 08:04:35 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{C291A88E-6ACB-4B64-B552-C734F24D9A2C}
[2012/06/11 20:04:21 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{86232E9F-8257-40B5-A441-959F06F7244C}
[2012/06/11 20:04:09 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{B493D653-60E7-4463-81BF-D5F0ED0B8B9D}
[2012/06/11 08:03:31 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{78C1DF47-CC32-40FD-AF27-D2AE8E07F030}
[2012/06/11 08:03:20 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{DE2F2AD1-75B7-4ED0-9DB4-3C308437A49B}
[2012/06/11 00:34:51 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\Macromedia
[2012/06/10 20:02:53 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{4703F07C-26A7-4CA1-9993-102869C969BF}
[2012/06/10 20:02:41 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{640E7C5B-E605-4A26-8722-A38F9E87F48D}
[2012/06/10 08:02:15 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{2D8D6945-2C7B-44CD-B32F-179B890C16AE}
[2012/06/10 08:02:04 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{B3715982-7A08-46C5-A818-EA811D099A91}
[2012/06/09 20:01:50 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{2A33145E-B5D8-4661-8B69-6521B4D4FF3D}
[2012/06/09 20:01:38 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{AF93777A-946E-421C-A094-E4E573F382C2}
[2012/06/09 08:01:10 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{09E476C7-3FB8-4A17-BA59-2DE17CFB0C84}
[2012/06/09 08:00:58 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{1AFCD16D-7D8E-4651-82E3-0EE92F94E6DA}
[2012/06/08 20:00:44 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{C9631746-C5B6-4005-8F09-A37DDD0021FB}
[2012/06/08 20:00:32 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{C1B1052C-FE39-4AA4-888E-FC906FF77C64}
[2012/06/08 08:00:03 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{258F88CB-BD29-4CDD-86DA-04E06DD1FEFB}
[2012/06/08 07:59:51 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{4EAA8B66-FF5F-4E95-8A48-81C5AFEE5D1E}
[2012/06/07 19:59:23 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{C4C06EC6-3D87-475F-BD4C-0D260238CF06}
[2012/06/07 19:59:11 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{562ABCBF-0FD4-4383-8D5F-3E7A67B779E2}
[2012/06/07 07:58:46 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{8524A264-C416-4368-99D4-53BEBBB9AB59}
[2012/06/07 07:58:34 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{33EF2DB3-6656-451C-ADB6-8A7311A69AD0}
[2012/06/06 19:58:19 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{AD3DD8AD-9FFC-4813-8EAC-4FB64A06B377}
[2012/06/06 19:58:08 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{E0C84951-C72A-423F-97A7-D5462DB65381}
[2012/06/06 07:57:41 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{6F5979A4-C16A-4A78-ABA2-BDB2414B4782}
[2012/06/06 07:57:29 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{76CA34BD-EFBB-4314-AEA7-D1006D1A3AD7}
[2012/06/05 19:57:15 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{27FE058D-AC95-445B-B1E0-39189DE28EA1}
[2012/06/05 19:57:03 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{470F11AF-18E2-416C-963E-FB1C41F8F52E}
[2012/06/05 07:56:38 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{10A3FC07-F126-4CA9-90F0-1C75144731AB}
[2012/06/05 07:56:26 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{3346E790-E33A-4051-B342-82955C9D3E81}
[2012/06/04 19:56:12 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{9B327F72-6F0F-4C07-976A-6C47D7883277}
[2012/06/04 19:56:01 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{A45C06E9-D396-48C5-8EEA-87E03F14C9CD}
[2012/06/04 07:55:35 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{2D169340-814C-4D86-9F8C-687BD0CC5E9F}
[2012/06/04 07:55:24 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{0F1FA6D3-FC56-4A39-8401-A59B62ECC177}
[2012/06/03 19:55:09 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{597D3B7E-3E4B-48B2-A39C-072214EE73B9}
[2012/06/03 19:54:58 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{50DEC4DC-D868-4D3B-9677-8695EBB2F630}
[2012/06/03 07:54:30 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{C7BDB2F9-76D3-498A-8190-4CCB2E6A689F}
[2012/06/03 07:54:19 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{C1A40ADE-94D3-405D-91B3-7F5A290500BD}
[2012/06/02 19:54:04 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{232BE4B0-1776-4DCC-9538-4A62C19F2E36}
[2012/06/02 19:53:52 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{3829A531-0688-4408-947D-469C1F6E4C8E}
[2012/06/02 07:53:25 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{37843266-34D0-4C76-A040-2C72AF98B6E7}
[2012/06/02 07:53:14 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{3354A4C2-EB61-4298-B8C0-C93362E646AD}
[2012/06/01 19:52:59 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{D9822D49-2A50-48B9-8BC0-E8D7ADFC7F9B}
[2012/06/01 19:52:47 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{AED426E9-E6FE-494E-A1A7-9A6A8FC5E375}
[2012/06/01 07:52:19 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{C04EB330-CB85-4AD8-8E40-B81D378AA5FF}
[2012/06/01 07:52:08 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{0518BF2B-1D1B-4A0A-828A-E931EF9F8AEB}
[2012/05/31 19:51:53 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{BFB076C9-5CB6-4689-83A6-2276A04ECFAB}
[2012/05/31 19:51:41 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{8C1B2651-F16A-4AFA-BF4C-B1E163FB1131}
[2012/05/31 07:51:16 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{25BCAF09-B315-4CF2-A600-6C363ED885B6}
[2012/05/31 07:51:05 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{A0F2EDC2-B20B-4E44-B071-38C2832EABA7}
[2012/05/30 19:50:50 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{312AF2BF-2929-4F1C-9DF4-88F83F2D5847}
[2012/05/30 19:50:38 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{F6FB93C9-6B07-4ED8-A852-A86D73AEC860}
[2012/05/30 07:50:11 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{5B40E425-24B8-4A04-A513-CA1214B19239}
[2012/05/30 07:50:00 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{8235498C-3254-4E34-873D-137FAFAF3A57}
[2012/05/29 19:49:45 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{4FD7DC18-AD09-466C-89D9-1F1B782B235C}
[2012/05/29 19:49:34 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{A18FC5A5-BF3A-4FF8-B479-B264370126DB}
[2012/05/29 14:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/05/29 07:49:09 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{0DB5C9F0-BE8F-445C-8F65-0429B12CAFA9}
[2012/05/29 07:48:57 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{BAE8F72E-9C58-4960-B52C-D3DFBBC940A3}
[2012/05/28 19:48:42 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{17A59C20-4BE8-4643-9433-3F2E219CE382}
[2012/05/28 19:48:31 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{2D9898F1-8955-43B5-AB46-6109ECC4B2A4}
[2012/05/28 07:48:05 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{1F65BA75-8912-427F-8DB0-BAB64D7E083B}
[2012/05/28 07:47:54 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{866371F1-D66A-46BE-804B-DEB9BC364DCC}
[2012/05/27 19:47:39 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{545FFBB5-13E3-456C-9618-4DAD854A5813}
[2012/05/27 19:47:28 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{AEB97FBF-75A0-41FA-8CCD-DB5165713AB9}
[2012/05/27 07:47:02 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{C0134526-8B61-4E56-AFAD-FB1443FCC6A9}
[2012/05/27 07:46:50 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{4CA02999-2EF0-4762-B02C-56FF59ED03E3}
[2012/05/26 19:46:36 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{EC929026-FFB5-4FAB-8841-38C94E828B96}
[2012/05/26 19:46:24 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{53DE3EE4-1AD8-4D2D-A700-AB001291724D}
[2012/05/26 07:45:57 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{B45BB3B4-284A-442F-BD9D-244F6A09D29C}
[2012/05/26 07:45:45 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{B5215A94-7DB1-448E-A3E5-7CFCB8138C22}
[2012/05/25 19:45:30 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{C83B4FBD-BD2B-4FFA-8EA3-E1998F9F7C9C}
[2012/05/25 19:45:19 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{9F881598-9076-41A5-92FE-9AC9B3B9DFA0}
[2012/05/25 07:44:51 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{810193E7-9840-4D1A-A09F-27C0319BB46D}
[2012/05/25 07:44:40 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{537126EE-8397-4992-B189-CEDB076CA86F}
[2012/05/24 19:44:25 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{E8190DA1-F28A-45AE-9A44-B722EDD7B79D}
[2012/05/24 19:44:13 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{EE0DCA3A-6C4D-493A-A970-BA8DFDC78AD9}
[2012/05/24 07:43:46 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{54E05D1B-DC9D-444F-823D-F560CE232A9C}
[2012/05/24 07:43:34 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{435E1791-C0F4-44FE-91BE-35B1AF6E48B3}
[2012/05/23 19:43:19 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{4EBB5637-57A8-4D52-9990-0DCE27CD2FC5}
[2012/05/23 19:43:07 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{9639C2DA-F3D7-416E-B266-AC8471873CCA}
[2012/05/23 07:42:42 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{85580B46-AC9A-49B9-B5F4-B8E8823136E4}
[2012/05/23 07:42:30 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{134EEC68-0800-40F0-835D-CBC193B8B2FD}
[2012/05/22 19:42:15 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{49158F02-A243-4C6C-9116-FD09523D8BBC}
[2012/05/22 19:42:04 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{F5908EEE-630F-40B7-863E-8859ABBD8714}
[2012/05/22 07:41:37 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{FDBD9CB8-B98F-4441-81A0-3CD3EA3476E4}
[2012/05/22 07:41:25 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{4A73F36A-F9F2-4C07-8356-35FC6DD5B356}
[2012/05/21 19:41:10 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{A4A54BA3-6EA7-45FB-9741-2BB23D613346}
[2012/05/21 19:40:58 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{A28669A8-E45B-48A4-948E-BC9947030562}
[2012/05/21 07:40:32 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{D5AC9E14-741F-42CE-BF25-0128D2FFC092}
[2012/05/21 07:40:21 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{C9FEFB8B-5045-478D-9DEB-E165A5C47CA8}
[2012/05/20 19:40:06 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{FF877E38-017B-4C8E-BFF8-141C24AF6523}
[2012/05/20 19:39:55 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{01CBAA1B-24F5-442D-B8E2-6609F036D9F9}
[2012/05/20 07:39:29 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{4A33F210-F305-4E3E-AA9C-2385197E1A55}
[2012/05/20 07:39:18 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{2B60CEE3-E886-4996-B320-C879CE413C61}
[2012/05/19 19:39:03 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{FCEA70E6-F96A-4D1C-9029-0077F47EC2D5}
[2012/05/19 19:38:51 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{44A24E38-B642-47B1-B3A4-D9463232EEB3}
[2012/05/19 07:38:26 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{57915985-19D8-4EA6-A5D4-4579A76D4E85}
[2012/05/19 07:38:14 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{F479C7D5-5B55-47E8-B80A-67F7CEF12E5F}
[2012/05/18 19:37:59 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{2C8A1B5D-D838-4A18-BFCC-81E272B2D25C}
[2012/05/18 19:37:48 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{DB82C520-11C5-4FB8-8C54-FA8A6FCA512D}
[2012/05/18 07:37:20 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{6B900F30-2251-4E29-8630-A472208D7687}
[2012/05/18 07:37:09 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{0284F820-3BDC-443B-ABD9-832C6656CD65}
[2012/05/17 19:36:36 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{723E9041-98E2-4E2C-9C7A-CE8DE8E7CE55}
[2012/05/17 19:36:22 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{C89EC6F5-99C3-4B76-83F1-CAD7D830B0EA}
[2012/05/17 19:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2012/05/17 19:19:08 | 000,104,560 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2012/05/17 19:18:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Atheros_L1e
[2012/05/17 19:14:59 | 000,083,968 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2012/05/17 19:14:58 | 000,085,504 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2012/05/17 19:14:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2012/05/17 19:14:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/05/17 19:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/05/17 19:12:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
[2012/05/17 19:11:28 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Roaming\Splashtop
[2012/05/17 19:11:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2012/05/17 19:11:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Splashtop
[2012/05/17 19:05:03 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{B19C093F-7F45-4C3D-B4AF-9128213994AF}
[2012/05/17 17:37:32 | 000,000,000 | ---D | C] -- C:\Users\Vid\AppData\Local\{88F2E1B2-C352-40DD-A730-D9E81F62E9F4}

========== Files - Modified Within 30 Days ==========

[2012/06/15 12:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/15 12:51:40 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Vid\Desktop\OTL.exe
[2012/06/15 12:44:09 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2012/06/15 12:02:36 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 12:02:36 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 11:57:05 | 000,006,302 | ---- | M] () -- C:\Users\Vid\funshion.ini
[2012/06/15 11:56:59 | 000,000,911 | ---- | M] () -- C:\Users\Vid\AppData\Roaming\coreavc.ini
[2012/06/15 11:55:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/15 11:55:19 | 2117,644,287 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/15 11:18:55 | 100,404,965 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/06/15 09:15:16 | 000,413,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/15 08:07:17 | 000,735,438 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/15 08:07:17 | 000,618,132 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/15 08:07:17 | 000,107,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/11 17:01:25 | 000,487,575 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/06/07 20:34:33 | 000,001,738 | ---- | M] () -- C:\Windows\SysWow64\EmailAVConfig.xml
[2012/05/29 14:50:20 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/17 19:19:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/05/17 19:07:31 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini

========== Files Created - No Company Name ==========

[2012/06/07 20:34:33 | 000,001,738 | ---- | C] () -- C:\Windows\SysWow64\EmailAVConfig.xml
[2012/05/17 19:19:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/05/17 19:17:22 | 000,001,214 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2012/05/17 19:14:41 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/04/20 14:52:27 | 000,007,597 | ---- | C] () -- C:\Users\Vid\AppData\Local\Resmon.ResmonCfg
[2011/12/08 16:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/10/23 15:16:36 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/10/23 15:16:36 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/10/20 22:01:22 | 000,000,911 | ---- | C] () -- C:\Users\Vid\AppData\Roaming\coreavc.ini
[2011/10/20 17:54:56 | 000,000,424 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011/10/20 17:51:09 | 000,001,477 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2011/10/20 17:50:40 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011/10/20 08:31:32 | 000,734,810 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/19 20:52:51 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011/10/19 20:52:04 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/10/19 20:25:43 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\CommCmd.dll
[2011/10/19 20:21:45 | 000,072,280 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2011/10/19 20:18:22 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011/08/10 16:22:12 | 000,001,244 | ---- | C] () -- C:\Windows\SysWow64\funshion.ini
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== LOP Check ==========

[2012/06/15 09:45:36 | 000,000,000 | ---D | M] -- C:\Users\Vid\AppData\Roaming\Ad-Aware Antivirus
[2011/10/20 21:02:06 | 000,000,000 | ---D | M] -- C:\Users\Vid\AppData\Roaming\AVG2012
[2012/05/06 23:43:04 | 000,000,000 | ---D | M] -- C:\Users\Vid\AppData\Roaming\BITS
[2011/10/20 21:58:13 | 000,000,000 | ---D | M] -- C:\Users\Vid\AppData\Roaming\FlashGet
[2011/10/20 21:57:37 | 000,000,000 | ---D | M] -- C:\Users\Vid\AppData\Roaming\FlashGetBHO
[2011/10/21 10:46:09 | 000,000,000 | ---D | M] -- C:\Users\Vid\AppData\Roaming\FlashgetSetup
[2012/04/14 11:49:41 | 000,000,000 | ---D | M] -- C:\Users\Vid\AppData\Roaming\KlLauncherTS
[2012/05/17 19:12:14 | 000,000,000 | ---D | M] -- C:\Users\Vid\AppData\Roaming\Splashtop
[2012/04/19 20:25:48 | 000,032,542 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

Any help would be much appreciated. Thanks!!
  • 0


#2
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Hello vid and welcome to the G2G forum.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested.

I am looking at your log now and will reply with instructions shortly.

Satchfan
  • 0

#3
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Hello again Vid

Run Security Check

Download Security Check by screen317 from here or here.

  • save it to your Desktop.
  • double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • a Notepad document should open automatically called checkup.txt; please post the contents of that document.

Please could you also post the Attach.txt log that was also generated when you ran OTL. You’ll find it on your desktop.

Thanks

Satchfan
  • 0

#4
vid

vid

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Hi, thanks for the quick reply. I've downloaded Security Check and below is the log of checkup.txt:

Results of screen317's Security Check version 0.99.41
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Lavasoft Ad-Aware
AVG Anti-Virus Free Edition 2012
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
SpywareBlaster 4.6
Java™ 6 Update 31
Java version out of date!
Adobe Reader X (10.1.3)
Mozilla Firefox (for.)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
AVG avgwdsvc.exe
AVG avgtray.exe
Ad-Aware Antivirus AdAwareService.exe
Funshion Online Funshion FunshionService.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````


As for the Attach.txt log, OTL did not generate it. I could not find it on my desktop.
  • 0

#5
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Hi again Vid

First off, you cannot run more than one real-time antivirus at the same time. Although many have different methods of searching for and recognising threats, they will all be 'fighting' in memory to kick each other out, rendering them all ineffective. This could be what is making your computer slow and unstable.

You have Microsoft Security Essentials, AVG and Ad-Aware which, although disabled at the time of the scan, has an antivirus component.

Which two you uninstall is your choice but my recommendation would be to keep Microsoft Security Essentials and uninstall the other two.

Uninstall programs

  • click on Start, Control Panel
  • click Uninstall Programs (it may take time for the list to appear, so be patient)
  • scroll down the list and look for any of the programs you are uninstalling
  • click on it/them one at a time and then on Remove.

Run AVG removal tool

If you choose to uninstall AVG, there will still be some remnants of it on your computer even after the uninstall so please download and run AVG Removal Tool from here

===================================================

Run DDS

Please download DDS by sUBs from one of the following links and save it to your desktop.

  • Disable any script blocking protection (How to Disable your Security Programs)
  • double click DDS icon to run the tool (may take up to 3 minutes to run)
  • when done, DDS.txt will open.
  • after a few moments, attach.txt will open in a second window.
  • save both reports to your desktop.
  • Post the contents of the DDS.txt and Attach.txt reports in your next reply

===================================================

Run aswMBR

  • download aswMBR.exe to your desktop.
  • double click aswMBR.exe to run it
  • if asked, accept the AVAST virus definition download
  • click the "Scan" button to start scan
  • on completion of the scan click Save log, save it to your desktop and post in your next reply

Please include the following in your next post :

DDS.txt
Attach.txt
aswMBR log


Thanks

Satchfan
  • 0
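
Added example (not part of Satchfan's post and not code from Security Check): a parser for the checkup.txt format shown in post #4 that reports when more than one antivirus family has processes listed without the "is disabled!" marker, the overlap described in the post above. The family keyword table and the reading of unmarked process lines as running are assumptions.

```python
import re

TICKS = "`" * 14  # Security Check wraps its section titles in runs of backticks

# Sample input: lines copied from the checkup.txt log in post #4 of this thread.
CHECKUP_LOG = "\n".join([
    "Results of screen317's Security Check version 0.99.41",
    TICKS + "Antivirus/Firewall Check:" + TICKS,
    "Windows Firewall Enabled!",
    "Lavasoft Ad-Aware",
    "AVG Anti-Virus Free Edition 2012",
    "Microsoft Security Essentials",
    "Antivirus up to date!",
    TICKS + "Process Check: objlist.exe by Laurent" + TICKS,
    "Microsoft Security Essentials MSMpEng.exe",
    "Microsoft Security Essentials msseces.exe",
    "Ad-Aware AAWService.exe is disabled!",
    "Ad-Aware AAWTray.exe is disabled!",
    "AVG avgwdsvc.exe",
    "AVG avgtray.exe",
    "Ad-Aware Antivirus AdAwareService.exe",
    "Funshion Online Funshion FunshionService.exe",
    TICKS + "End of Log" + TICKS,
])

# Assumption: keyword that identifies each antivirus family in a log line.
# Only the three products named in this thread are covered.
AV_FAMILIES = {
    "Microsoft Security Essentials": "microsoft security essentials",
    "AVG": "avg",
    "Ad-Aware": "ad-aware",
}

SECTION_RE = re.compile(r"^`+\s*(.*?)\s*`+$")
PROCESS_RE = re.compile(
    r"^(?P<product>.+?)\s+(?P<exe>\S+\.exe)(?P<disabled>\s+is disabled!)?$",
    re.IGNORECASE,
)


def split_sections(text):
    """Group log lines under the backtick-delimited section title above them."""
    sections, current = {}, "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        title = SECTION_RE.match(line)
        if title:
            current = title.group(1).rstrip(":")
            continue
        sections.setdefault(current, []).append(line)
    return sections


def section(sections, prefix):
    """Return the lines of the first section whose title starts with prefix."""
    for name, lines in sections.items():
        if name.lower().startswith(prefix.lower()):
            return lines
    return []


def family_of(text):
    """Map a product string to an antivirus family, or None if it is not one."""
    lowered = text.lower()
    for family, keyword in AV_FAMILIES.items():
        if re.search(r"(?<!\w)" + re.escape(keyword) + r"(?!\w)", lowered):
            return family
    return None


def analyse(text):
    """Summarise installed AV families and which ones have unmarked processes."""
    sections = split_sections(text)
    installed = sorted(
        {f for line in section(sections, "Antivirus") if (f := family_of(line))}
    )
    active, disabled = {}, {}
    for line in section(sections, "Process Check"):
        m = PROCESS_RE.match(line)
        if not m:
            continue
        family = family_of(m.group("product"))
        if family is None:  # e.g. the Funshion service: listed, but not an AV
            continue
        bucket = disabled if m.group("disabled") else active
        bucket.setdefault(family, []).append(m.group("exe"))
    return {
        "installed": installed,
        "active": active,
        "disabled": disabled,
        "conflict": len(active) > 1,  # more than one AV family has live processes
    }


if __name__ == "__main__":
    report = analyse(CHECKUP_LOG)
    for family, exes in report["active"].items():
        print(f"active:   {family}: {', '.join(exes)}")
    for family, exes in report["disabled"].items():
        print(f"disabled: {family}: {', '.join(exes)}")
    print("multiple real-time AV families active:", report["conflict"])
```
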

#6
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Hello Vid

It has been several days since I sent instructions to help with your computer problems.

Please let me know if you still need help

Satchfan
  • 0

#7
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 585 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0





