
Random Alt Tabs when playing games - Don't know if it's a viru



#1
Sybax
New Member, 2 posts

Hi, I don't know if this is a virus, malware, or any of that sort. My computer randomly alt-tabs when I play games. It doesn't really happen when I do anything else. It doesn't alt tab to anything in particular; it just alt tabs to the next window that was open previously. This occurrence is sporadic and doesn't really have a pattern I can notice. I assumed it was a program in the background and I ended certain processes on Task Manager that I thought might be causing this trouble, but nothing stopped the random alt-tabs. I've scoured the internet to find a solution, but it wasn't fruitful. You can imagine the annoyance of this during game play.

Here is what OTL has brought up:

7.98 Gb Total Physical Memory | 4.84 Gb Available Physical Memory | 60.68% Memory free
15.95 Gb Paging File | 12.50 Gb Available in Paging File | 78.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 580.47 Gb Free Space | 62.32% Space Free | Partition Type: NTFS

Computer Name: AJ | User Name: Andy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/13 01:32:55 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Andy\Desktop\Protection\OTL.exe
PRC - [2012/07/10 17:23:28 | 018,846,912 | ---- | M] (Blizzard Entertainment) -- C:\Diablo III #2\Diablo III.exe
PRC - [2012/06/19 17:07:36 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/06/19 16:06:16 | 000,529,232 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/06/18 18:04:09 | 005,845,624 | ---- | M] (Blizzard Entertainment) -- C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
PRC - [2012/04/26 13:30:28 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/01/15 04:58:30 | 004,431,328 | ---- | M] (Thorvald Natvig) -- C:\Program Files (x86)\Mumble\mumble.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/11 18:18:35 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/07/11 17:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011/03/09 00:35:28 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
PRC - [2010/11/16 21:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/05 23:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/11/03 05:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
PRC - [2008/11/12 16:10:46 | 000,846,336 | ---- | M] () -- C:\Users\Andy\AppData\Local\Temp\Rar$EX00.892\pbsetup.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/19 17:07:35 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/06/19 16:06:16 | 020,313,384 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/06/19 16:06:16 | 000,214,528 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssvoice.asi
MOD - [2012/06/19 16:06:16 | 000,095,744 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\mssmp3.asi
MOD - [2012/06/19 16:06:13 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/06/19 16:06:13 | 000,895,312 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/06/19 16:06:13 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/06/19 16:06:13 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/06/14 07:26:55 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09c8d6d920629b945ab15a699166fe0c\IAStorUtil.ni.dll
MOD - [2012/06/14 07:24:56 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012/06/14 07:24:51 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012/06/14 06:05:01 | 012,079,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\fdb5565e4c807a8cd79de9f40c0cd644\System.Web.ni.dll
MOD - [2012/06/14 03:04:56 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012/06/14 03:04:47 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012/06/14 03:04:44 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:04:40 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012/06/14 03:04:38 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/05/31 12:28:12 | 000,021,272 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\wolfet.dll
MOD - [2012/05/16 22:31:48 | 000,023,624 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\lol.dll
MOD - [2012/05/15 16:04:53 | 000,031,304 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\tf2.dll
MOD - [2012/05/15 16:04:51 | 000,032,328 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\l4d2.dll
MOD - [2012/05/14 23:35:20 | 001,072,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll
MOD - [2012/05/14 23:35:19 | 018,058,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll
MOD - [2012/05/14 23:34:22 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\05787d96761cf20b76b927ace10ef1d3\UIAutomationProvider.ni.dll
MOD - [2012/05/14 23:34:21 | 001,925,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\dbe597aa9c12df5d08fb2f3f9872b834\System.Web.Services.ni.dll
MOD - [2012/05/14 23:34:20 | 000,244,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Cach#\d8b4dcd719a3805ab0bce3c8cdfe8288\System.Runtime.Caching.ni.dll
MOD - [2012/05/14 23:34:20 | 000,071,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\9b418f37f4594806e1f4b0ed6d083a95\System.Web.ApplicationServices.ni.dll
MOD - [2012/05/14 23:34:14 | 000,787,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll
MOD - [2012/05/14 23:34:14 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.Wrapper.dll
MOD - [2012/05/14 23:34:13 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll
MOD - [2012/05/14 23:34:13 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll
MOD - [2012/05/14 23:34:12 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
MOD - [2012/05/14 23:34:12 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll
MOD - [2012/05/14 23:34:10 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll
MOD - [2012/05/14 23:33:54 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012/05/14 23:33:53 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Fra#\71a3a98ff5fb128d3abf6ecc3224ba6b\Microsoft.Build.Framework.ni.dll
MOD - [2012/05/14 23:33:48 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll
MOD - [2012/05/14 23:32:09 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\1308b3b2c033226ddd613752a37e3272\IAStorCommon.ni.dll
MOD - [2012/05/14 03:24:50 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012/05/14 03:24:23 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012/05/14 03:24:19 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012/05/14 03:24:17 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012/05/14 03:24:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012/05/14 03:24:11 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2012/05/14 03:05:32 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
MOD - [2012/05/14 03:04:05 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012/05/14 03:03:58 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/05/14 03:03:58 | 002,550,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\fdb98c6d783fe167c1dc0022f27b7cd6\System.Data.SqlXml.ni.dll
MOD - [2012/05/14 03:03:56 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/05/14 03:03:55 | 000,736,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\5a3beae8b211b91bfc620c029cf4c2d4\System.Security.ni.dll
MOD - [2012/05/14 03:03:54 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/05/14 03:03:53 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/05/14 03:03:50 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/05/14 03:03:50 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
MOD - [2012/05/01 12:07:02 | 000,071,752 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\manual.dll
MOD - [2012/05/01 12:07:02 | 000,037,960 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\insurgency.dll
MOD - [2012/05/01 12:07:02 | 000,037,960 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\hl2dm.dll
MOD - [2012/05/01 12:07:02 | 000,037,960 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\gmod.dll
MOD - [2012/05/01 12:07:02 | 000,037,960 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\dys.dll
MOD - [2012/05/01 12:07:02 | 000,037,960 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\dods.dll
MOD - [2012/05/01 12:07:02 | 000,037,960 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\css.dll
MOD - [2012/05/01 12:07:02 | 000,031,816 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\wow.dll
MOD - [2012/05/01 12:07:02 | 000,023,624 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\sto.dll
MOD - [2012/05/01 12:07:02 | 000,023,624 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\etqw.dll
MOD - [2012/05/01 12:07:02 | 000,023,112 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\l4d.dll
MOD - [2012/05/01 12:07:02 | 000,022,600 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\cs.dll
MOD - [2012/05/01 12:07:02 | 000,021,064 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\ut3.dll
MOD - [2012/05/01 12:07:02 | 000,021,064 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\ut2004.dll
MOD - [2012/05/01 12:07:02 | 000,021,064 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\gtaiv.dll
MOD - [2012/05/01 12:07:02 | 000,021,064 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\codmw2so.dll
MOD - [2012/05/01 12:07:02 | 000,021,064 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\codmw2.dll
MOD - [2012/05/01 12:07:02 | 000,021,064 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\cod5.dll
MOD - [2012/05/01 12:07:02 | 000,019,528 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\link.dll
MOD - [2012/05/01 12:07:01 | 000,038,984 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\bf2.dll
MOD - [2012/05/01 12:07:01 | 000,037,960 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\aoc.dll
MOD - [2012/05/01 12:07:01 | 000,024,136 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\borderlands.dll
MOD - [2012/05/01 12:07:01 | 000,023,624 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\cod4.dll
MOD - [2012/05/01 12:07:01 | 000,022,600 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\bf2142.dll
MOD - [2012/05/01 12:07:01 | 000,021,064 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\cod2.dll
MOD - [2012/05/01 12:07:01 | 000,021,064 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\breach.dll
MOD - [2012/05/01 12:07:01 | 000,021,064 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\bfbc2.dll
MOD - [2012/05/01 12:07:01 | 000,021,064 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\bf1942.dll
MOD - [2012/05/01 12:07:01 | 000,020,552 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\bfheroes.dll
MOD - [2012/05/01 12:07:01 | 000,020,552 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\arma2.dll
MOD - [2012/04/30 21:20:33 | 000,020,552 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\bf3.dll
MOD - [2012/03/21 21:10:19 | 000,022,600 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mumble\Plugins\lotro.dll
MOD - [2011/10/25 21:50:34 | 008,522,400 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/02/19 14:47:20 | 000,168,104 | ---- | M] () -- C:\Program Files (x86)\Mumble\speex.dll
MOD - [2011/02/19 14:47:14 | 000,129,192 | ---- | M] () -- C:\Program Files (x86)\Mumble\mumble_ol.dll
MOD - [2011/02/19 14:47:08 | 000,079,528 | ---- | M] () -- C:\Program Files (x86)\Mumble\celt0.0.7.0.sse2.dll
MOD - [2011/02/19 14:46:56 | 000,094,888 | ---- | M] () -- C:\Program Files (x86)\Mumble\celt0.0.11.0.sse2.dll
MOD - [2011/01/10 20:32:04 | 001,070,760 | ---- | M] () -- C:\Program Files (x86)\Mumble\libprotobuf.dll
MOD - [2011/01/10 20:30:54 | 000,042,152 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\iconengines\qsvgicon4.dll
MOD - [2011/01/10 20:30:40 | 000,308,904 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qtiff4.dll
MOD - [2011/01/10 20:30:28 | 000,027,816 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qsvg4.dll
MOD - [2011/01/10 20:30:18 | 000,246,952 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qmng4.dll
MOD - [2011/01/10 20:30:08 | 000,208,552 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qjpeg4.dll
MOD - [2011/01/10 20:29:58 | 000,034,472 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qico4.dll
MOD - [2011/01/10 20:29:48 | 000,032,424 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtPlugins\imageformats\qgif4.dll
MOD - [2011/01/10 20:21:10 | 008,223,744 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtGui4.dll
MOD - [2010/12/04 16:47:38 | 000,957,952 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtNetwork4.dll
MOD - [2010/11/09 22:46:08 | 000,271,360 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtSvg4.dll
MOD - [2010/11/09 22:39:20 | 000,691,712 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtOpenGL4.dll
MOD - [2010/11/09 22:24:58 | 000,679,936 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtSql4.dll
MOD - [2010/11/09 22:05:58 | 000,342,528 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtXml4.dll
MOD - [2010/11/09 22:05:46 | 002,343,424 | ---- | M] () -- C:\Program Files (x86)\Mumble\QtCore4.dll
MOD - [2010/10/04 02:50:48 | 002,259,968 | ---- | M] () -- C:\Program Files (x86)\Mumble\libsndfile-1.dll
MOD - [2010/07/09 08:41:42 | 002,359,296 | ---- | M] () -- C:\Program Files (x86)\Mumble\libmysql.dll
MOD - [2009/09/09 16:28:56 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Mumble\zlib1.dll
MOD - [2008/11/12 16:10:46 | 000,846,336 | ---- | M] () -- C:\Users\Andy\AppData\Local\Temp\Rar$EX00.892\pbsetup.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/04/05 22:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/03/30 08:07:17 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/08/12 15:00:20 | 000,133,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/19 17:07:35 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/19 16:06:16 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/04/26 13:30:28 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/02/28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/11/14 05:16:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\Andy\AppData\Local\Temp\7zS606D\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/07 08:40:00 | 003,804,120 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/07/17 14:10:16 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/01/27 17:13:50 | 000,226,624 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/11/03 05:30:14 | 000,918,144 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc)
SRV - [2010/10/27 16:18:52 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/06 01:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/04/05 21:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 08:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/10 01:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 01:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/22 03:09:06 | 000,303,408 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010/11/05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/27 15:50:28 | 000,301,680 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010/10/27 15:50:28 | 000,279,152 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/10/27 15:50:28 | 000,203,624 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010/10/27 15:50:28 | 000,156,520 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010/10/27 15:50:28 | 000,058,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010/10/27 15:50:28 | 000,055,336 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2010/10/27 15:50:28 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010/10/27 15:50:28 | 000,031,080 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010/09/21 02:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel®
DRV:64bit: - [2010/08/10 05:29:16 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007/08/06 20:21:32 | 000,057,776 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmood...m/?f=1&a=ironto
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 68 A7 E1 73 07 41 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0978B7C4-F4F9-4747-917D-849172F18BB8}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0978B7C4-F4F9-4747-917D-849172F18BB8}: "URL" = http://start.funmood...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "www.google.com"


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/02/02 01:35:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 17:07:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/14 08:16:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/19 17:07:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/14 08:16:15 | 000,000,000 | ---D | M]

[2011/07/12 23:10:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andy\AppData\Roaming\Mozilla\Extensions
[2012/07/04 17:11:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\9gzzs5rr.default\extensions
[2012/03/29 22:05:58 | 000,001,800 | ---- | M] () -- C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\9gzzs5rr.default\searchplugins\funmoods.xml
[2012/01/08 09:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/04 17:11:59 | 000,743,290 | ---- | M] () (No name found) -- C:\USERS\ANDY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9GZZS5RR.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/06/19 17:07:36 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/07/11 17:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/06/19 17:07:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/19 17:07:35 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2010/04/30 14:56:09 | 000,001,798 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files (x86)\Bodog Poker\BPGame.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{998946F1-4443-4531-8C60-5AFE15841F09}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2431c919-ad75-11e0-bf22-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2431c919-ad75-11e0-bf22-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe
O33 - MountPoints2\{3618ef36-c04d-11e1-b59e-00268316610c}\Shell - "" = AutoRun
O33 - MountPoints2\{3618ef36-c04d-11e1-b59e-00268316610c}\Shell\AutoRun\command - "" = G:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/12 16:12:57 | 000,000,000 | R--D | C] -- C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012/07/10 17:23:07 | 000,000,000 | ---D | C] -- C:\Users\Andy\Desktop\Routines
[2012/07/10 17:23:07 | 000,000,000 | ---D | C] -- C:\Users\Andy\Desktop\Plugins
[2012/07/05 11:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2012/07/01 22:58:53 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Local\CPN
[2012/06/28 10:48:37 | 000,000,000 | ---D | C] -- C:\Users\Andy\Desktop\New folder
[2012/06/28 03:00:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/06/27 12:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2012/06/27 12:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Inc
[2012/06/27 12:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola
[2012/06/27 12:12:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola
[2012/06/23 16:13:27 | 000,000,000 | R--D | C] -- C:\Users\Andy\Dropbox
[2012/06/23 16:11:42 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/06/23 16:10:51 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Dropbox
[2012/06/20 13:23:11 | 000,000,000 | ---D | C] -- C:\Users\Andy\Desktop\Nintendo
[2012/06/18 05:54:10 | 000,000,000 | ---D | C] -- C:\Diablo III #3
[2012/06/16 01:01:52 | 000,000,000 | ---D | C] -- C:\Diablo III #2
[2012/06/13 15:27:02 | 000,000,000 | ---D | C] -- C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012/06/13 15:09:37 | 000,000,000 | ---D | C] -- C:\Users\Andy\Documents\StarCraft II
[2012/06/13 15:09:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2012/06/13 15:09:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2011/07/12 23:27:29 | 078,078,224 | ---- | C] (K2 Network, Inc.) -- C:\Program Files (x86)\APB_Reloaded_Installer.exe

========== Files - Modified Within 30 Days ==========

[2012/07/13 01:11:17 | 000,012,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/13 01:11:17 | 000,012,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/12 18:30:32 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/07/12 18:30:32 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/07/12 18:29:15 | 000,281,288 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/07/12 16:12:56 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2012/07/12 16:11:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/12 16:11:04 | 2129,354,751 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/12 05:18:58 | 101,389,091 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/07/12 03:20:25 | 005,086,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/10 06:08:04 | 000,000,068 | ---- | M] () -- C:\Users\Andy\Desktop\How to Sing Vibrato - YouTube.URL
[2012/07/09 18:55:35 | 000,495,434 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/07/03 09:27:50 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/03 09:27:50 | 000,660,280 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/03 09:27:50 | 000,121,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/28 02:39:12 | 000,000,118 | ---- | M] () -- C:\Users\Andy\Desktop\The Top 5 Trapezius Exercises With Dumbbells.URL
[2012/06/27 12:10:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/06/26 10:14:51 | 000,001,014 | ---- | M] () -- C:\Users\Andy\Desktop\Diablo III #3.lnk
[2012/06/26 10:09:46 | 000,001,474 | ---- | M] () -- C:\Users\Andy\Desktop\Diablo III.lnk
[2012/06/26 10:08:47 | 000,001,014 | ---- | M] () -- C:\Users\Andy\Desktop\Diablo III #2.lnk
[2012/06/13 15:26:16 | 000,001,093 | ---- | M] () -- C:\Users\Andy\Desktop\StarCraft II.lnk

========== Files Created - No Company Name ==========

[2012/07/10 06:08:04 | 000,000,068 | ---- | C] () -- C:\Users\Andy\Desktop\How to Sing Vibrato - YouTube.URL
[2012/06/28 02:39:12 | 000,000,118 | ---- | C] () -- C:\Users\Andy\Desktop\The Top 5 Trapezius Exercises With Dumbbells.URL
[2012/06/27 12:10:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/06/26 10:14:36 | 000,001,014 | ---- | C] () -- C:\Users\Andy\Desktop\Diablo III #3.lnk
[2012/06/26 10:08:30 | 000,001,474 | ---- | C] () -- C:\Users\Andy\Desktop\Diablo III.lnk
[2012/06/26 10:08:30 | 000,001,014 | ---- | C] () -- C:\Users\Andy\Desktop\Diablo III #2.lnk
[2012/06/13 15:09:37 | 000,001,093 | ---- | C] () -- C:\Users\Andy\Desktop\StarCraft II.lnk
[2012/04/05 21:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/04/05 21:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/01/18 02:26:37 | 000,005,884 | ---- | C] () -- C:\Users\Andy\AppData\Local\c4dab390
[2012/01/18 02:26:37 | 000,005,853 | ---- | C] () -- C:\Users\Andy\AppData\Roaming\1e48b018
[2012/01/18 02:26:37 | 000,005,781 | ---- | C] () -- C:\ProgramData\fe027b56
[2011/09/12 18:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/07/22 16:30:32 | 000,008,463 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp DSP Effects.dat
[2011/07/22 16:30:30 | 000,013,287 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2011/07/22 16:08:02 | 002,433,400 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/07/13 16:03:42 | 000,772,990 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/13 01:05:56 | 000,281,288 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/07/13 01:05:53 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/07/13 00:54:29 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/07/13 00:54:28 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/07/13 00:54:28 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/07/13 00:54:28 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/07/13 00:54:28 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/07/12 23:27:29 | 3816,745,337 | ---- | C] () -- C:\Program Files (x86)\Client1.5.1.565640.7z
[2011/07/12 23:24:29 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/07/12 23:19:32 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/07/12 23:08:37 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/07/12 23:08:27 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011/07/12 22:33:53 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/07/12 22:33:51 | 000,028,905 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011/04/09 19:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== LOP Check ==========

[2011/09/29 15:09:39 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\AVG2012
[2012/07/05 02:02:53 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Dropbox
[2011/08/31 06:11:55 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\LolClient
[2012/07/13 01:30:17 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\Mumble
[2012/03/21 00:30:18 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\RotMG.Production
[2012/06/24 11:50:36 | 000,000,000 | ---D | M] -- C:\Users\Andy\AppData\Roaming\uTorrent
[2012/05/20 00:51:13 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Edited by Sybax, 12 July 2012 - 11:49 PM.

#2
Sybax

I'm guessing it cannot be found with OTL? It's not a virus of any sort?